RadSec certificate renewal

Received this Email from Foxpass - "Action required: Foxpass Certificates will expire soon" or see a red warning on the RadSec page? Make sure to follow the steps below as soon as you receive an email from Foxpass that your Client CA/certificates or Server CA for RadSec are nearing their expiration date or you see the expiration date in your Foxpass Console's the RadSec page.

This documentation outlines the necessary steps for renewing Client and Server Certificate Authorities (CAs) in the RadSec configuration. These steps are critical when certificates are nearing expiration to maintain secure and uninterrupted services.

Steps needed for Server CA

1. Navigate to the Foxpass console's RadSec page.
2. Check if newly issued server CA is listed on the Radsec page.
3. Click on the 'Download Certificate' button.

4. Replace this certificate with old one's in your Access point's setup.

Renewing Customer Client CA

1. Navigate to the Foxpass console's RadSec page.
2. Click on “Upload Customer Client CA” under the section labeled "Customer Client Certificate Authorities".

3. Upload new customer client CA obtained from your Access Point provider.

Renewing Client Certificates

1. Click 'Create Client Certificate' button under the label 'Client Certificates'.

2. Click 'Download cert + key' button of a newly generated certificate.

3. Replace this cert+key in your Access point.

Once everything is working, you can safely delete old server CA, customer client CA and client certificate from the Radsec page of Foxpass.