The server and client certificates that OpenVPN uses are always valid for a limited time. ARM600's WHMI shows a warning about expiring certificates when there is less than 6 months left until some OpenVPN certificates expire. It is recommended to take action well in advance before the certificates expire, since expired certificates cause VPN connections to fail.
If the OpenVPN clients are Arctic wireless devices that are also connected to the ARM600 server using Arctic Patrol with asset management enabled, the OpenVPN certificate can be renewed using ARM600's WHMI. This is a two-step process:
- Renewing certificates for the server and clients on ARM600
- Sending the new certificates to the Arctic wireless devices through Arctic Patrol. There are certain prerequisites for this step.
- Clients must be configured with Arctic Patrol for asset management. See the Asset management section in this manual for information on how to set this up.
- OpenVPN client names and Arctic hostnames must match, otherwise ARM600 is not able to match Patrol connections with VPN connections and is not able to transfer the new certificates.