Zertifikate für openvpn

Aus Xinux Wiki

Version vom 6. Oktober 2024, 14:25 Uhr von Thomas.will (Diskussion | Beiträge) (→‎CA Zertifikat erstellen)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)

Zur Navigation springen Zur Suche springen

CA Pirvate Key erstellen

openssl genrsa -aes256 -out ca.key 4096

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:

CA Zertifikat erstellen

openssl req -new -key ca.key -x509 -days 3650 -out ca.crt

Enter pass phrase for ca.key:
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:lab34-ca
Email Address []:.

Request für openvpn erstellen

openssl req -new -key $COMMONNAME.key -out $COMMONNAME.csr

Country Name (2 letter code) [AU]:. 
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:firewall.lab34.linuggs.de   
Email Address []:.

Request signieren

openssl x509 -req -days 730 -in $COMMONNAME.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out $COMMONNAME.crt

Abgerufen von „http://wiki.ixheim.de/index.php?title=Zertifikate_für_openvpn&oldid=57120“