MBG - Client Certificate Approved but the expiry data did not change.

[borogerson]

The MBG received a Client Certificate from the Oaisys server and was approved but the expiry date did not change.

Screenshot attached

[dilkie]

that's the issuer's certificate, mbg's recording CA... it's date is set when originally created... what version of MBG is this? that issue was fixed some time ago.

[borogerson]

Version 10.0.4.3.

[dilkie]

Ah, yes, that got fixed in 11.0 IIRC.

tug re-generates it's CA and server certificate on restart.

there is a way to force the CA certificate to be re-generated... can't find it at the moment though.

is this causing an issue?

[borogerson]

I believe it is an issue.   Customer does not have SWA currently.

[dilkie]

damn, that sucks... easiest way would be to upgrade as it preserves the original CA signature.. re-generating the CA will mean having to re-gen tug's server cert and the client will have to re-enroll. no biggie but a PITA if something goes wrong.

well, they are running a 10 year old server...

i'll ask around for the ca re-gen command