2012-07-16 - [GRASE-Hotspot] Expiry times and SSL/VPN certificate

Header Data

From: Johnny Solbu <so***u@solbu.net>
Message Hash: ad0371190b2f59017840b733a27255890eebfb86e3fd8596636e6a2c8176682e
Message ID: <201207170508.16222.solbu@solbu.net>
Reply To: N/A
UTC Datetime: 2012-07-16 20:08:12 UTC
Raw Date: Tue, 17 Jul 2012 04:08:12 +0100

Raw message

We have two small question regarding Expiry times and the certificate used to protect the vpn traffic.
(We are using the latest dev version on latest Ubuntu.)

Do the users expire X months after creation, or x months after inactivity?
We would like to have a group expire X months after last logout. The reason for this request is to have users or groups of users whicn only expire when they leave the organization and haven't logged in for a specified time period.

And is it possible to change the expiry time? We can't seem to fine a way to change the expiry times of users which haven't expired yet.


We wuld alo like to change the names of the subject information in the certificate. I run a small local CA myself, so I know how the process works. However I notice that there is a built in CA which have your info as default, and we would like to have the Subject part of the certificate t match our organization. I have located where to change to make it happend.
But I need to know what script to run to generate a new certificate with the customized values.



As a final note, we love the ability to set limits on bandwith. We have had problems with visitors from Ukraine who use Skype quite often, and clogs out upstream bandwith. Now we can finally put an end to this. Thank you. :-)=

-- 
Johnny A. Solbu
web site, http://www.solbu.net
PGP key ID: 0xFA687324
********************************
Kom Arbeidslyst og treng deg på,
her skal du motstand finne.

Thread