Hi,
On 29/08/17 22:06, Gregory Sloop wrote:
Re: [Openvpn-users] Server vs Client cert generation So a few observations and
possible clues/issues:
I should probably do another test, though I'm worn out from all the hassle of
the last go-round. [But I think I kept all the "test" ce
Hi,
On 29/08/17 22:06, Gregory Sloop wrote:
Re: [Openvpn-users] Server vs Client cert generation So a few observations and
possible clues/issues:
I should probably do another test, though I'm worn out from all the hassle of the last go-round. [But I think I kept all the
"test" ce
Hi,
snippety-snipped ;)
On 29/08/17 21:06, Gregory Sloop wrote:
> Any insight you can shed here would be fab. [Or anyone else, for that
matter.]
> Re: verify-x509-name
> [Or use the "-name-prefix" option in --verify-x509-name
technically, that is "name-prefix"
The example in the manual
So a few observations and possible clues/issues:
I should probably do another test, though I'm worn out from all the hassle of
the last go-round. [But I think I kept all the "test" certs I used, so testing
should be easier...]
But I think your cert shows:
X509v3 extensions:
SK> On 09-08-17 19:34, Gregory Sloop wrote:
>> I also often need to generate certs for other things and GNU TLS's
>> CertTool works pretty well.
>> I'd like to use one tool to generate all the certificates I generally
>> need - it's just easier to keep track of, document etc.
>> However when I go
Hi,
On 09-08-17 19:34, Gregory Sloop wrote:
> I also often need to generate certs for other things and GNU TLS's
> CertTool works pretty well.
> I'd like to use one tool to generate all the certificates I generally
> need - it's just easier to keep track of, document etc.
>
> However when I go
So, IMO, EasyRSA is pretty broken.
[I'll skip the discussion about why. Go try to run it on Windows and see how
that works, then then we can talk. Also, key encryption defaults.]
I also often need to generate certs for other things and GNU TLS's CertTool
works pretty well.
I'd like to use one