How to Update the Server Certificate on your VPN Gateway

This guide explains how to manually update the server certificate on your On-Premise (BYOS) VPN Gateway. On an integrated cloud VPN server, the certificate updation process is automated and there is no need for user intervention.

On your On-Premise Access Gateway, you need to perform this manual update once every two years before the certificate expires. You will be notified by email when the certificate renewal is due so that you can update it on your server accordingly.

This update can be done using the wrapper tool 'utnservice' which is installed into '/utunnel/bin' folder in your UTunnel Access Gateway.

Just follow the steps below to perform the certificate update:

Step 1: Connect to your UTunnel Access Gateway via an SSH client with root privileges.

Step 2: Install any service updates on the UTunnel application running on the server

sudo /utunnel/bin/utnservice update

Step 3: Update the server certificate

sudo /utunnel/bin/utnservice updatecert

4. Step 4: Restart the UTunnel service on the server using the following commands.

sudo /utunnel/bin/utnservice stop -f
sudo /utunnel/bin/utnservice start

Note: Any active connections might disconnect during the service restart.

You can now proceed to connect to your UTunnel Access Gateway. Please note that this process will need to be repeated on the server every two years.

Popular Support Articles

How to Enable Split DNS

How to Restart Services on an On-Premise VPN server

How to Enable Split Routing on a VPN server

How to Enable Manual OpenVPN Connections

How to run OpenVPN on Custom Protocol and Port

How to Enable VPN Obfuscation with OpenVPN