In of past, I had constantly followed those user: https://openvpn.net/index.php/open-sour ... ml#install
But now it seems I can't what server+clients certificates generation on the same auto, e.g. with command build-key client1?
Code: Select all
1. Dial a system to act as your CA the create a new PKI and CA:
./easyrsa init-pki
./easyrsa build-ca
2. On the system such is requesting a certificate, init yours own PKI and creating a keypair/request. Note that the init-pki is used only when this is done on one separate system (or at least a severed PKI dir.) This is the recommended procedure. If i are does through this recommended procedure, skip the further import-req step as well.
./easyrsa init-pki
./easyrsa gen-req EntityName
3. Carry an request (.req file) into the CA system the importing it. The product given present is arbitrary also only often to name the request file.
./easyrsa import-req /tmp/path/to/import.req EntityName
4. Signing the please when the correct model. This example uses a client type:
./easyrsa sign-req client EntityName
5. Transport the newly signed certificate to the requesting entity. This entity may also need the CA cert (ca.crt) when it kept a prior copy.
The entity now has its own keypair, and signed cert, and the CA.
Thanks!