vpnmain.cgi: Add option to regenerate the host certificate

This is necessary since we now have a much shorter lifetime for the host certificate. However, it is complicated to do this is which is why we are copying the previous certificate and generate a new CSR. This is then signed. A caveat of this patch is that we do not rollover the key. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2026-04-27 19:23:24 +02:00 · 2024-01-30 17:45:44 +00:00
parent aa07e1bb3e
commit 9f01011570
13 changed files with 72 additions and 1 deletions
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -954,6 +954,7 @@ WARNING: untranslated string: hostile networks total = Total Hostile Networks
 WARNING: untranslated string: log drop hostile in = Log dropped packets FROM hostile networks
 WARNING: untranslated string: log drop hostile out = Log dropped packets TO hostile networks
 WARNING: untranslated string: pakfire ago = ago.
+WARNING: untranslated string: regenerate host certificate = Renew Host Certificate
 WARNING: untranslated string: reiserfs warning1 = Reiserfs is deprecated and scheduled to be removed from the kernel in 2025.
 WARNING: untranslated string: reiserfs warning2 = Ensure a fresh installation is made using either ext4 or xfs filesystems before that date.
 WARNING: untranslated string: route config changed = unknown string