Zertifikate für openvpn
Version vom 6. Oktober 2024, 14:26 Uhr von Thomas.will (Diskussion | Beiträge) (→CA Zertifikat erstellen)
CA Pirvate Key erstellen
- openssl genrsa -aes256 -out ca.key 4096
Enter PEM pass phrase: Verifying - Enter PEM pass phrase:
CA Zertifikat erstellen
- openssl req -new -key ca.key -x509 -days 3650 -out ca.crt
Enter pass phrase for ca.key: Country Name (2 letter code) [AU]:. State or Province Name (full name) [Some-State]:. Locality Name (eg, city) []:. Organization Name (eg, company) [Internet Widgits Pty Ltd]:. Organizational Unit Name (eg, section) []:. Common Name (e.g. server FQDN or YOUR name) []:lab34-ca Email Address []:.
Variable setzen
- COMMONNAME="firewall.lab34.linuggs.de"
Request für openvpn erstellen
- openssl req -new -key $COMMONNAME.key -out $COMMONNAME.csr
Country Name (2 letter code) [AU]:. State or Province Name (full name) [Some-State]:. Locality Name (eg, city) []:. Organization Name (eg, company) [Internet Widgits Pty Ltd]:. Organizational Unit Name (eg, section) []:. Common Name (e.g. server FQDN or YOUR name) []:firewall.lab34.linuggs.de Email Address []:.
Request signieren
- openssl x509 -req -days 730 -in $COMMONNAME.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out $COMMONNAME.crt