Changes

Template:Generating certificates and keys (view source)

Revision as of 18:38, 6 March 2022

1,041 bytes added ,  18:38, 6 March 2022
→‎Step 3: generating certificates and keys
Line 1: Line 1:  
==Step 3: generating certificates and keys==
 
==Step 3: generating certificates and keys==
 +
 +
 +
 +
 +
    
<ul>  
 
<ul>  
     <li>Now we can start generating the certificates and keys. Begin with the <b>certificate authority</b> (<b>CA</b>) - the root certificate file that will be used to sign other certificates and keys:
+
     <li>Now we can start generating the certificates and keys. Begin with the <b>certificate authority</b> (<b>CA</b>) - the root certificate file that will be used to sign other certificates and keys:<pre>./easyrsa build-ca nopass</pre></li>
        <ul>
+
     <li>Next, build the <b>server</b> certificate and key:<pre>./easyrsa build-server-full server nopass</pre></li>
            <pre>./easyrsa build-ca nopass</pre>
+
     <li>Next, build certificates and keys for the <b>clients</b>:<pre>./easyrsa build-client-full Client1 nopass</pre><font size="-1"><b>Note</b>: replace <i>Client1</i> with this client's Common Name (CN). Omit "nopass" and you will be prompted to choose the client's password.</font><br><br></li>
        </ul>
+
     <li>Lastly, generate <b>Diffie Hellman parameters</b>:<pre>./easyrsa gen-dh</pre></li>
    </li>
  −
     <li>Next, build the <b>server</b> certificate and key:
  −
        <ul>
  −
            <pre>./easyrsa build-server-full server nopass</pre>
  −
        </ul>
  −
    </li>
  −
     <li>Next, build certificates and keys for the <b>clients</b>:
  −
        <ul>
  −
            <pre>./easyrsa build-client-full Client1 nopass</pre>
  −
        </ul><b>Note</b>: replace 'Client1' with this client's Common Name (CN).
  −
    </li>
  −
     <li>Lastly, generate <b>Diffie Hellman parameters</b>:
  −
        <ul>
  −
          <pre>./easyrsa gen-dh</pre>
  −
        </ul>
  −
      </li>
   
</ul>
 
</ul>
 +
----
 +
The generated and signed files should appear in the following directories (by default):
 +
 +
<table class="nd-othertables_3">
 +
    <tr>
 +
        <th width="200">File(s)</th>
 +
        <th width="50" style="text-align: center;"></th>
 +
        <th width="330" style="text-align: right;">Location</th>
 +
    <tr>
 +
        <td>CA certificate</td>
 +
        <td style="text-align: center;">→</td>
 +
        <td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki</i></td>
 +
    </tr>
 +
    <tr>
 +
        <td>Diffie-Hellman parameters</td>
 +
        <td style="text-align: center;">→</td>
 +
        <td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki</i></td>
 +
    </tr>
 +
    <tr>
 +
        <td>Client and Server keys</td>
 +
        <td style="text-align: center;">→</td>
 +
        <td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki\private</i></td>
 +
    </tr>
 +
    <tr>
 +
        <td>Client and Server certificates</td>
 +
        <td style="text-align: center;">→</td>
 +
        <td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki\issued</i></td>
 +
    </tr>
 +
</table>
Anonymous user
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/74605...89560"

Navigation menu