By default, Kerio Control ships with several predefined SSL certificates which are used for specific purposes. There's a "Default", one for Reverse Proxy, one for Local Authority and one for VPN.
Although by default each of these is assigned to specific uses, in fact you only need one SSL certificate and could use that for every need. Kerio provides multiple certs so that you can revoke one feature without affecting others. That certainly would be an unusual situation, though.
Certificates do expire. That won't necessarily break anything, although it does cause annoying messages and perhaps questions from users. There are some things you need to watch out for when creating new certificates for these uses.
First, although you can use the same name for the new certificate, that can be confusing when you are trying to assign that new cert to its use. I use a different name. Second, don't delete or rename the active certificates until you have the new ones in place. I accidentally did that recently on a VPN certificate and locked myself out of the firewall. Fortunately I was able to access it directly by public IP also.
If you found something useful today, please consider a small donation.
Got something to add? Send me email.
More Articles by Anthony Lawrence © 2015-01-09 Anthony Lawrence