Template:Generating certificates and keys: Difference between revisions
No edit summary |
|||
| Line 7: | Line 7: | ||
<li>Lastly, generate <b>Diffie Hellman parameters</b>:<pre>./easyrsa gen-dh</pre></li> | <li>Lastly, generate <b>Diffie Hellman parameters</b>:<pre>./easyrsa gen-dh</pre></li> | ||
</ul> | </ul> | ||
---- | |||
The generated files should appear in the following directories (by default): | |||
<table class="nd-othertables_3"> | |||
<tr> | |||
<th width=200>File(s)</th> | |||
<th width=50 style="text-align: center;"></th> | |||
<th width=330 style="text-align: right;">Location</th> | |||
<tr> | |||
<td>CA certificate</td> | |||
<td style="text-align: center;">→</th> | |||
<td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki</i></td> | |||
</tr> | |||
<tr> | |||
<td>Diffie-Hellman parameters</td> | |||
<td style="text-align: center;">→</th> | |||
<td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki</i></td> | |||
</tr> | |||
<tr> | |||
<td>Client and Server keys</td> | |||
<td style="text-align: center;">→</th> | |||
<td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki\private</i></td> | |||
</tr> | |||
<tr> | |||
<td>Client and Server certificates</td> | |||
<td style="text-align: center;">→</th> | |||
<td style="text-align: right;"><i>C:\Program Files\OpenVPN\easy-rsa\pki\issued</i></td> | |||
</tr> | |||
</table> | |||
Revision as of 11:20, 5 November 2020
Step 3: generating certificates and keys
- Now we can start generating the certificates and keys. Begin with the certificate authority (CA) - the root certificate file that will be used to sign other certificates and keys:
./easyrsa build-ca nopass
- Next, build the server certificate and key:
./easyrsa build-server-full server nopass
- Next, build certificates and keys for the clients:
./easyrsa build-client-full Client1 nopass
Note: replace Client1 with this client's Common Name (CN). - Lastly, generate Diffie Hellman parameters:
./easyrsa gen-dh
The generated files should appear in the following directories (by default):
| File(s) | Location | |
|---|---|---|
| CA certificate | → | C:\Program Files\OpenVPN\easy-rsa\pki |
| Diffie-Hellman parameters | → | C:\Program Files\OpenVPN\easy-rsa\pki |
| Client and Server keys | → | C:\Program Files\OpenVPN\easy-rsa\pki\private |
| Client and Server certificates | → | C:\Program Files\OpenVPN\easy-rsa\pki\issued |