Boris,
Try this. Some of this is specific to my configuration (certificate
names) just ignore that stuff. I don't think build-key is used any
longer...
Typical usage for initial PKI setup.
Build Server and client cert/keys.
1. edit /etc/openvpn/vars with your site-specific info.
2. . /etc/easyrsa/vars
3. /usr/sbin/clean-all {THIS IS REQUIRED FOR NEW PKI TO CREATE THE
INDEX! DO NOT SKIP!}
4. build-dh
5. pkitool –-initca
6. pkitool --server s_servername (this creates the server cert)
7. (CLIENT FILE BUILDS)
a. Modify the vars file to change the common name to be the client
common name, i.e. c_servername_client1. Re-run . /etc/easyrsa/vars.
VARS must match the parameter you pass it in the next step!
b. pkitool c_servername_client1
c. change vars back!
d. Save changes!
On 12/23/2016 10:44 AM, Boris wrote:
> Hej all,
>
>
> here's a little issue: My LEAF-box (5.2.4 Rev.1) is missing a build-key
> -script to generate openvpn-keys.
>
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
