Nachádzate sa tu

openvpn-ca

 

generateovpn.sh
#!/bin/bash

RESULT="result.ovpn"

cp header.ovpn "$RESULT"

{
  echo "<ca>"
  cat pki/ca.crt
  echo "</ca>"
  echo ""
  echo "<key>"
  cat pki/private/"$1".key
  echo "</key>"
  echo ""
  echo "<cert>"
  sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' pki/issued/"$1".crt
  echo "</cert>"
  echo ""
} >> "$RESULT"

 

header.ovpn

dev tun
tls-client
remote firma.freemyip.com 1195 udp
remote-cert-tls server
float
pull
cipher AES-256-GCM
auth-nocache
auth-user-pass

Setup

cmd as admin
cd "c:\Program Files\OpenVPN\easy-rsa"

vars - ha folytatni szeretnem

;init-config
notepad vars.bat
vars
clean-all
build-ca
build-key-server server
build-key client1, set CNAME, NAME to client1
build-dh

vars
revoke-full client1

Linux
sudo apt-get install openvpn easy-rsa

make-cadir ~/openvpn-ca
cd ~/openvpn-ca

nano vars

set_var EASYRSA_REQ_COUNTRY "SK"
set_var EASYRSA_REQ_PROVINCE "SK"
set_var EASYRSA_REQ_CITY "SK"
set_var EASYRSA_REQ_ORG "FIRMA"
set_var EASYRSA_REQ_EMAIL "infofirma.info"
set_var EASYRSA_REQ_OU "FIRMA"

set_var EASYRSA_KEY_SIZE 4096

./easyrsa init-pki
./easyrsa build-ca nopass
./easyrsa build-server-full server nopass
./easyrsa build-client-full clientname nopass
#./easyrsa gen-req server nopass
#./easyrsa sign-req client server
./easyrsa gen-dh

generate ovpn file
./generateovpn.sh clientname