From Teltonika Networks Wiki
Step 2: preparing EasyRSA[edit source]
- Now we can start preparing to generate certificates and keys. For this we'll be using the EasyRSA 3 application that was installed along with OpenVPN.
EasyRSA commands have to be executed via the Windows Command Prompt. It can be opened by typing cmd in the Windows search bar (Windows button + S). When you launch it, make sure you run it as administrator:
- Change the current directory to the EasyRSA folder. To do so, execute this command:
cd "C:\Program Files\OpenVPN\easy-rsa"
- Launch EasyRSA:
- Before you can generate files with EasyRSA, you must first initialize a directory for the Public Key Infrastructure (PKI). This can be done with the following command:
- Open the vars.bat file with the Notepad text editor:
- This is the template file for generating certificates, i.e., the information stored here will be offered as default values during certificate generation. Locate and edit the following lines in accordance with your needs:
set KEY_COUNTRY=US set KEY_PROVINCE=CA set KEY_CITY=SanFrancisco set KEY_ORG=OpenVPN set KEY_EMAILfirstname.lastname@example.org
- You can also set the key size for the Diffie Hellman parameters:
- Once you're done, save the file and close the editor; then run the following commands:
vars.bat ./easyrsa clean-all