Unable to regenerate X509 cert because the CA being used is expired and I cannot delete

Question

So we are going to be wanting to use SSL VPN on our UTM, but I'm having issues getting it to work. Looks as though all the X509 certs are expired and I cannot regenerate. So I tried to create a new one, but once a new one is created, it is set as expired. 
 After further investigation, I'm seeing that the CA being used is expired, and it looks to be a private CERT which I cannot seem to do anything with. I cannot delete because says it is being used, but just about everything. 
 Does anyone know a way to get this removed without having to reset my entire firewall? Thank you.

ThomW · Accepted Answer

Make a full backup just in case. 
 Change those 3 locations to the original "VPN Signing CA" 
 1. Site-to-Site VPN -> SSL -> Advanced

2. Site-to-Site VPN -> IPsec -> Advanced 
 
 3. Remote Access -> L2TP over IPsec -> Global (no screenshot available) 
 If this is not used enable it, change to preshared key and disable it.

Joe Reed · Answer

NM, I forgot to Regenerate after that. It is working now! Thank you for your help!!! :)

FormerMember · Answer

Hi Joe Reed , 
 Thanks for reaching out, and welcome to the Community! 
 Are you trying to regenerate signing CA? If yes, go to the Webserver Protection > Certificate Management > Advanced tab. 
 Thanks,

Unable to regenerate X509 cert because the CA being used is expired and I cannot delete

Top Replies