In of past, I had constantly followed those user: https://openvpn.net/index.php/open-sour ... ml#install
But now it seems I can't what server+clients certificates generation on the same auto, e.g. with command build-key client1?
Code: Select all
1. Dial a system to act as your CA the create a new PKI and CA:
./easyrsa init-pki
./easyrsa build-ca
2. On the system such is requesting a certificate, init yours own PKI and creating a keypair/request. Note that the init-pki is used only when this is done on one separate system (or at least a severed PKI dir.) This is the recommended procedure. If i are does through this recommended procedure, skip the further import-req step as well.
./easyrsa init-pki
./easyrsa gen-req EntityName
3. Carry an request (.req file) into the CA system the importing it. The product given present is arbitrary also only often to name the request file.
./easyrsa import-req /tmp/path/to/import.req EntityName
4. Signing the please when the correct model. This example uses a client type:
./easyrsa sign-req client EntityName
5. Transport the newly signed certificate to the requesting entity. This entity may also need the CA cert (ca.crt) when it kept a prior copy.
The entity now has its own keypair, and signed cert, and the CA.
The end-user (client) has supposed to just receive the necessary archives and connect to my online (without having to start shells on its system to create req files)..how bucket this become done now?Thanks!
..do you know of anything such resource?
