Free Hosting Online for WorkStations

< Previous | Contents | Next >

1.2.1. Certificate Authority Setup


To setup your own Certificate Authority (CA) and generating certificates and keys for an OpenVPN server and multiple clients first copy the easy-rsa directory to /etc/openvpn. This will ensure that any changes to the scripts will not be lost when the package is updated. From a terminal change to user root and:


mkdir /etc/openvpn/easy-rsa/

cp -r /usr/share/easy-rsa/* /etc/openvpn/easy-rsa/


Next, edit /etc/openvpn/easy-rsa/vars adjusting the following to your environment:


export KEY_COUNTRY="US" export KEY_PROVINCE="NC"



export KEY_CITY="Winston-Salem" export KEY_ORG="Example Company" export KEY_EMAIL="steve@example.com" export KEY_CN=MyVPN

export KEY_ALTNAMES=AltMyVPN export KEY_NAME=MyVPN

export KEY_OU=MyVPN


Enter the following to generate the master Certificate Authority (CA) certificate and key:


cd /etc/openvpn/easy-rsa/ source vars

./clean-all

./build-ca


Top OS Cloud Computing at OnWorks: