Documentation< Previous | Contents | Next >
1.2.2. Server Certificates
Next, we will generate a certificate and private key for the server:
./build-key-server myservername
As in the previous step, most parameters can be defaulted. Two other queries require positive responses, "Sign the certificate? [y/n]" and "1 out of 1 certificate requests certified, commit? [y/n]".
Diffie Hellman parameters must be generated for the OpenVPN server:
./build-dh
All certificates and keys have been generated in the subdirectory keys/. Common practice is to copy them to / etc/openvpn/:
cd keys/
cp myservername.crt myservername.key ca.crt dh2048.pem /etc/openvpn/