Remove Certificate

[nfsiv]

Dear all,

i just finish a installation of Zentyal 3.0, and would like to use it as VPN server, i create a CA for test, and then config a VPN server. but this is only for test, in production, to keep a clean system configuration, i would like to remove the CA then create a new one. but seems like i only can revoke, reuse it.

so my question is can i delete the CA? how to do this?

thanks

[christian]

Working with certificates, the right approach is to revoke it, not to remove. Doing so, you revoked certificate is part of "certificate revocation list" (CRL) adn well implemented PKI and clients are developed to check against this CRL when checking certificate to ensure it is valid.

This said, did you try to remove CA package and install it again (I never did it, that only something I suggest that may solve your problem)

[nfsiv]

Many thanks Christian,

i will try to revoke it, if it cannot work i will remove the VPN service then install/active it again.

but as this is just test, so if all possible way i tried all cannot work, i will rebuild it.

thanks

[jbahillo]

If revoking does not work, I would consider running:

Code: [Select]

/usr/share/zentyal/unconfigure-module openvpn
/usr/share/zentyal/purge-module openvpn
and to reenable module afterwards
Regards