mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
0d80b562e4
This unifies our key generation and also migrates the generation of the tls-crypt-v2 keys. Since tls-crypt-v2 is not included in any released version, we remove the the old syntax without compatibility. PATCH V4: Introduce warning/error when using --secret with --genkey Update non code usages to use new --genkey syntax Acked-by: David Sommerseth <davids@openvpn.net> Message-Id: <20190613134834.5709-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18524.html Signed-off-by: Gert Doering <gert@greenie.muc.de> |
||
---|---|---|
.. | ||
ca.crt | ||
ca.key | ||
client-ec.crt | ||
client-ec.key | ||
client-pass.key | ||
client.crt | ||
client.key | ||
client.p12 | ||
dh2048.pem | ||
gen-sample-keys.sh | ||
openssl.cnf | ||
README | ||
server-ec.crt | ||
server-ec.key | ||
server.crt | ||
server.key | ||
ta.key |
Sample RSA and EC keys. Run ./gen-sample-keys.sh to generate fresh test keys. See the examples section of the man page for usage examples. NOTE: THESE KEYS ARE FOR TESTING PURPOSES ONLY. DON'T USE THEM FOR ANY REAL WORK BECAUSE THEY ARE TOTALLY INSECURE! ca.{crt,key} -- sample CA key/cert server.{crt,key} -- sample server key/cert client.{crt,key} -- sample client key/cert client-pass.key -- sample client key with password-encrypted key password = "password" client.p12 -- sample client pkcs12 bundle password = "password" client-ec.{crt,key} -- sample elliptic curve client key/cert server-ec.{crt,key} -- sample elliptic curve server key/cert