copy crl.pem to server directory and ensure config file uses "crl-verify "_ verify last line of output confirms revokationĤ. To revoke a TLS certificate and generate a CRL file:Ģ. build-key-pkcs12 (use for specific name within script) build-key (use for specific name within script)īuild key files in PKCS #12 format (for each client machine)Ģ. build-key-server Build key files in PEM format (for each client machine)Ģ. Next, edit vars.bat to adapt it to your environment, andĬreate the directory that will hold your key files.Ĭreate new empty index and serial files (once only)īuild a DH file (for server side, once only)īuild a private key/certficate for the openvpn serverĢ. Including the openssl.cnf file from the top-level _Extract all zip'd files to the OpenVPN home directory, The following is from the readme-file in easy-rsa, under Windows, found in "C:\Program Files\OpenVPN\easy-rsa" No, my server key has the line like that.įollowing this guide exactly yields this, I believe:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |