Velocidex · scudette · Jun 30, 2024 · Jun 30, 2024 · Jun 30, 2024 · Jun 30, 2024
diff --git a/content/blog/2021/2021-11-09-eql2vql/_index.md b/content/blog/2021/2021-11-09-eql2vql/_index.md
@@ -17,6 +17,16 @@ author: "Mike Cohen"
 date: 2021-11-09
 ---
 
+{{% notice warning "Outdated content" %}}
+
+This article describes a threat detection approach that has since been
+superseded by Velociraptor's [built-in Sigma
+functionality]({{<ref "/blog/2023/2023-11-15-sigma_in_velociraptor" >}}),
+however it is retained here for historical and instructive purposes since it
+also demonstrates how the flexibility of VQL makes novel solutions possible.
+
+{{% /notice %}}
+
 If you have been following the development of Velociraptor for a while
 you are probably more than familiar with Velociraptor's flexible query
 language (VQL). Because Velociraptor is an agent running on the

diff --git a/content/docs/gui/vfs/_index.md b/content/docs/gui/vfs/_index.md
@@ -73,7 +73,7 @@ file. In this case it is better to compress the export with a
 password.
 
 See the Knowledge Base article [How do I enable password protected VFS
-downloads?]({{< ref "/knowledge_base/tips/download_password/" >}}) for
+downloads?]({{<ref "/knowledge_base/tips/download_password" >}}) for
 reference on setting the password for export.
 
 {{% /notice %}}

diff --git a/content/knowledge_base/tips/rolling_certificates.md b/content/knowledge_base/tips/rolling_certificates.md
@@ -22,8 +22,45 @@ Validity
    Not After : Apr 13 12:05:46 2023 GMT
 ```
 
+Reissuing a new server certificate can be performed at any time using the
+`config reissue_certs` command. The procedure amounts to generating a new
+server configuration which is derived from the old one, and then replacing the
+old config with the new config.
+
+Additionally the `config rotate_keys` command can be used to regenerate both
+the server certificate and the associated private key. Although this is not
+necessary for operational purposes, it is considered good security practice
+to rotate keys and certificates periodically, and particularly after a
+suspected systems compromise. 
+
+## Setting a non-standard validity
+
+The latest release has a `--validity` option can be used to extend the validity
+beyond the default of one year. For example, to generate a config containing a
+server certificate which is valid for 2 years, you would run the command:
+```sh
+velociraptor --config server.config.yaml config reissue_certs --validity 730  > new.server.config.yaml
+```
+
+If you expect your server to be a long-term instance then you don't have to
+start with the default 1-year validity and wait for the certificate to expire.
+You can generate a new config on day 1 based on the initial config using the
+`config reissue_certs` command. You can then use the new config for the new
+server installation.
+
 ## Rotating certificates
 
+{{% notice info %}}
+
+For server versions older than 0.72.3 please use the following commands instead
+of those shown below:
+
+- *Current command* -> *Command for versions <0.72.3*
+- `velociraptor config reissue_certs` -> `velociraptor config reissue_key`
+- `velociraptor config rotate_keys` -> `velociraptor config rotate_key`
+
+{{% /notice %}}
+
 To rotate server certificates, simply use the following command to
 generate a new configuration file containing rotated certificates: