![]() This feature allows using HMAC signatures in SSL/TLS handshake, thus initiating an extra integrity check. To provide additional protection for your VPN server, it is recommended to enable tls-auth. Then you can generate Diffie-Hellman keys (takes a long time): The server.crt file will appear in the issued folder ( C:\Program Files\OpenVPN\easy-rsa\pki\issued\server.crt). Then enter the CA password for your root CA. Sign the request to issue a server certificate using your CA: Key: C:/Program Files/OpenVPN/easy-rsa/pki/private/server.key Req: C:/Program Files/OpenVPN/easy-rsa/pki/reqs/server.req Then generate a certificate request and a key for your OpenVPN server: ![]() A Certification Authority key: C :\Program Files\OpenVPN\easy-rsa\pki\private\ca.key.A root certificate of the Certification Authority: C:\Program Files\OpenVPN\easy-rsa\pki\ca.crt.Your newly created PKI dir is: C:/Program Files/OpenVPN/easy-rsa/pkiĮnter a CA password twice: CA creation is complete and you may now import and sign cert requests. Init-pki complete you may now create a CA or requests. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |