Hello Dr. Nyirenda,  Thanks a lot for your help.  Do you by any chance have the formula that you are using to create or renew your client side certificates? ,

We are fighting because one of our engineer has left the company and did´t properly document things.  One certificate has expired in july, we didn´t notice until server was rebooted... Now it is a bit emergency. 

Sincerely yours.  Le 18 nov. 2021 à 08:54, Dr Paulos Nyirenda <paulos(a)sdnp.org.mw > a écrit : On 16 Nov 2021 at 14:41, bsd(a)todoo.biz wrote: Hello,  I was wondering if the SSL certs which are created to authenticate EPP requests will need to be bound to a CA or if they only needed to be created as plain Cert + Key.  In fred-client.conf - there only seems to have an :  ssl_cert = %(dir)s/cert.xxx.pem ssl_key  = %(dir)s/key.unenc.xxx.pem If I remember correctly, this is enough on the client side. No sign of CA.  Also if I remember correctly, the CA certificate corresponding to your client certificate is only  needed to be installed on the FRED server side for  your EPP client Hope this helps. Regards, Paulos ============================= Dr Paulos B Nyirenda NIC.MW & .mw ccTLD  http://www.nic.mw SDNP:  http://www.sdnp.org.mw Tel:  +265-(0)-882 089 166 Cell: +265-(0)-888-824787 WhatsApp: +265-(0)-887386433