G’day all,
Just had an issue where a cert had expired.
There does not seem to be any notification of expiring certs
Would it be possible to have a the VPN screen look like…
Is this on OpenVPN?
Code was added into this back in Core Update 174 to flag up certificates that are going to expire in 30 days or sooner (Apr 2023) and then those that have actually expired.
It might be the case that the check is not present in IPSec VPN.
On OpenVPN, here is a certificate that I just set up with less than 30 days
You can see that it has (Expires Soon) added to the Name and the line is shown in Yellow.
I will show the result for an expired one tomorrow.
Looking through the code for the IPSec VPN I have not been able to find anything related to the expiry of the certs.
The certs also have a fixed period of 825 days that can not be modified in the WUI page.
If your problem is related to the IPSec VPN then an indication of the expiry of the expiry of the certs is not provided.
In this case it would be good to raise this as a bug in that IPSec does not provide the same sort of warning about expiry as OpenVPN.
1 Like
This shows a client with a certificate that is still valid but will expire within a 30 day period, one that has expired and one that is valid for more than 30 days.
Your screenshot was of an OpenVPN WUI page and I suspect it must be from an old Core Update version if it is not showing the expired info as above.
2 Likes