[SOLVED] How do you clean up revoked Certificates and extra VPN settings?

[ascorbic]

After a lot, a lot, of back and forth trying to get my VPN working it is a success! But all the trail and error I went through I created a ton of certificates. I also created a bunch of VPN servers.

I have revoked all of my server certificates that aren't needed. How can I delete these from the UI?

I have also deleted (using the trashcan icon) all the other VPN servers, but I still see files on the disk for configuration. How do I delete all of these?

Also, in the VPN video, the narrator says to make a certificate for the server and every user. But when you create a VPN server, it automatically creates a certificate in the form of "vpn-{vpnname}"

What is the purpose of that certificate? Is the certificate created from the certificate screen needed?

[Javier Amor Garcia]

We begin at the end..

Also, in the VPN video, the narrator says to make a certificate for the server and every user. But when you create a VPN server, it automatically creates a certificate in the form of "vpn-{vpnname}"

What is the purpose of that certificate? Is the certificate created from the certificate screen needed?

In previous versions the certificate wasnt created automatically so it was needed to create it by hand. The purpose of this certificate is to present it to the VPN client both to identify the server and to be able to send encrypted data to the server. In the server configuration screen you ccould choose another certificate if you wan't to use the automatically created.

I have also deleted (using the trashcan icon) all the other VPN servers, but I still see files on the disk for configuration. How do I delete all of these?

Have you clicked on 'Save changes' after the delete?. If you have done it, you could remove manually those files.

I have revoked all of my server certificates that aren't needed. How can I delete these from the UI?

This feature is not available. However in a real-wrold scenario normally you don't want to delete the expired/revoked certificates. Why?. Because they are included in the list of the revoked certificates and this is needed to make sure that any connection with this certificates  is forbidden.

[ascorbic]

Thanks for the response. When version 2.0 is read I will be more careful so I don't have a bunch of useless old certs.

[Tiss]

Sorry for kicking this old thread, but what is the location of the certificate files? I too would like to delete a few I have created for testing purposes.

[compumatter]

Purge is king and key.  Zentyal does not offer a purge offer in its UI.

sudo apt-get purge zentyal-ca (which also gets rid of data you created in it) including ALL data in VPN

Suggest disabling ipv6 first before reinstalling with
sudo su
sudo echo "1" > /proc/sys/net/ipv6/conf/all/disable_ipv6

The reinstall with fix-missing:
sudo apt-get install zentyal-ca --fix-missing