Template:Generating certificates and keys: Difference between revisions

From Teltonika Networks Wiki
Line 8: Line 8:
</ul>
</ul>
----
----
The generated files should appear in the following directories (by default):
The generated and signed files should appear in the following directories (by default):
 
<table class="nd-othertables_3">
<table class="nd-othertables_3">
     <tr>
     <tr>

Revision as of 11:20, 5 November 2020

Step 3: generating certificates and keys

  • Now we can start generating the certificates and keys. Begin with the certificate authority (CA) - the root certificate file that will be used to sign other certificates and keys:
    ./easyrsa build-ca nopass
  • Next, build the server certificate and key:
    ./easyrsa build-server-full server nopass
  • Next, build certificates and keys for the clients:
    ./easyrsa build-client-full Client1 nopass
    Note: replace Client1 with this client's Common Name (CN).

  • Lastly, generate Diffie Hellman parameters:
    ./easyrsa gen-dh

The generated and signed files should appear in the following directories (by default):

File(s) Location
CA certificate C:\Program Files\OpenVPN\easy-rsa\pki
Diffie-Hellman parameters C:\Program Files\OpenVPN\easy-rsa\pki
Client and Server keys C:\Program Files\OpenVPN\easy-rsa\pki\private
Client and Server certificates C:\Program Files\OpenVPN\easy-rsa\pki\issued