--On Saturday, October 30, 2021 1:36 PM +0100 lejeczek via Openvpn-users
<openvpn-users@lists.sourceforge.net> wrote:
Server's own certs yes, but how such a server instance will know where to
look for all the certs for clients? - I failed to find.
The server doesn't know about the client certs. The client certs are signed
by a CA cert that you specify in your server config. That's what causes the
server to trust them.
how to point those to separate & different "easy-rsa" deployment, I could
not find out.
Note that easy-rsa is just scripts to build the ca cert, server cert,and
client certs. It doesn't even have to be in the openvpn tree. You can
certainly have many of them and just edit the server config file to point
to the ones it uses. You can also use easy-rsa to make certs for other
things, like your web and mail servers.
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
