Renewing Kerio Control SSL Certificates


By default, Kerio Control ships with several predefined SSL certificates which are used for specific purposes. There's a "Default", one for Reverse Proxy, one for Local Authority and one for VPN.

Although by default each of these is assigned to specific uses, in fact you only need one SSL certificate and could use that for every need. Kerio provides multiple certs so that you can revoke one feature without affecting others. That certainly would be an unusual situation, though.

Certificates do expire. That won't necessarily break anything, although it does cause annoying messages and perhaps questions from users. There are some things you need to watch out for when creating new certificates for these uses.

First, although you can use the same name for the new certificate, that can be confusing when you are trying to assign that new cert to its use. I use a different name. Second, don't delete or rename the active certificates until you have the new ones in place. I accidentally did that recently on a VPN certificate and locked myself out of the firewall. Fortunately I was able to access it directly by public IP also.

Selecting new certificates for a Kerio Control VPN connection

See also

Filtering HTTPS connections

Exporting and importing Kerio Control local authority as root certificate

Deploying Kerio Control certificate via Microsoft Active Directory

Got something to add? Send me email.

(OLDER) <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Renewing Kerio Control SSL Certificates

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Anthony Lawrence

Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

privacy policy