Writing /var/www/html/john.de-graaff.net/webroot/wiki/data/cache/e/ed44f1c115d853af346d9b457c93818d.metadata failed
links:openvpn
Writing /var/www/html/john.de-graaff.net/webroot/wiki/data/cache/b/bf111e76e59a388c9525e3ec822a9d12.xhtml failed
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
links:openvpn [2016/04/24 13:08] jdg [Set the paramters first] |
links:openvpn [2019/03/06 07:33] (current) |
||
|---|---|---|---|
| Line 208: | Line 208: | ||
| - | ==== Set the paramters first ==== | + | ==== Set the parameters first ==== |
| <code> | <code> | ||
| Line 214: | Line 214: | ||
| export tls_projectname="projectname" | export tls_projectname="projectname" | ||
| - | export tls_cert_dir="/etc/openvpn/$tls_projectname/cert" | + | export tls_cert_dir="/etc/openvpn/$tls_projectname/certs/" |
| export tls_ca_CN="ca.$tls_projectname" | export tls_ca_CN="ca.$tls_projectname" | ||
| export tls_country="CO" | export tls_country="CO" | ||
| Line 232: | Line 232: | ||
| <code> | <code> | ||
| - | rm -rf "$tls_cert_dir/" | + | # rm -rf "$tls_cert_dir/" |
| mkdir -pv "$tls_cert_dir/" | mkdir -pv "$tls_cert_dir/" | ||
| cd "$tls_cert_dir/" | cd "$tls_cert_dir/" | ||
| Line 242: | Line 242: | ||
| <code> | <code> | ||
| - | #!/bin/sh | + | #!/bin/bash |
| # run this script to generate "openssl.cnf" using the previously exported values | # run this script to generate "openssl.cnf" using the previously exported values | ||
| # | # | ||
| Line 305: | Line 305: | ||
| [ req ] | [ req ] | ||
| - | default_bits = 1024 | + | default_bits = 2048 |
| default_keyfile = privkey.pem | default_keyfile = privkey.pem | ||
| distinguished_name = req_distinguished_name | distinguished_name = req_distinguished_name | ||
| Line 376: | Line 376: | ||
| <code> | <code> | ||
| + | # note: we don't need '-newkey rsa:2048 ' because config-file.default_bits = 2048 | ||
| + | |||
| cd $tls_cert_dir/ ; | cd $tls_cert_dir/ ; | ||
| /usr/bin/openssl req \ | /usr/bin/openssl req \ | ||
| Line 387: | Line 389: | ||
| /bin/chmod 0600 "$tls_ca_CN.key" ; | /bin/chmod 0600 "$tls_ca_CN.key" ; | ||
| </code> | </code> | ||
| - | |||
| ==== Generate Server cert/key ==== | ==== Generate Server cert/key ==== | ||
/var/www/html/john.de-graaff.net/webroot/wiki/data/attic/links/openvpn.1461496088.txt.gz ยท Last modified: 2019/03/06 07:33 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
