mirror/openvpn
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 12:02:28 +02:00
Code
330baf2aee
openvpn/easy-rsa/Windows
History
Samuli Seppänen acef89fc94 Updated "easy-rsa" for OpenSSL 1.0.0 
This patch fixes remaining issues with Trac ticket #125. It does the following:

- Update easy-rsa/2.0/README
- Rename easy-rsa/2.0/openssl.cnf as openssl-0.9.8.cnf
- Add easy-rsa/2.0/openssl-1.0.0.cnf
- Updated vars.bat.sample to use openssl-1.0.0.cnf
- Updated win/openvpn.nsi to use openssl-1.0.0.cnf
- Add a few undefined variables to vars and vars.bat.sample:
  required by OpenSSL 1.0.0 (at least on Windows)

Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Tested-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
2011-07-01 11:35:43 +02:00
..
build-ca-pass.bat Change all CRLF linefeeds to LF linefeeds 2011-04-14 16:38:24 +02:00
build-ca.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
build-dh.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
build-key-pass.bat Change all CRLF linefeeds to LF linefeeds 2011-04-14 16:38:24 +02:00
build-key-pkcs12.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
build-key-server-pass.bat Change all CRLF linefeeds to LF linefeeds 2011-04-14 16:38:24 +02:00
build-key-server.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
build-key.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
clean-all.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
index.txt.start This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
init-config.bat Fix a build-ca issue on Windows 2011-06-20 11:01:04 +02:00
README.txt This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
revoke-full.bat This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
serial.start This is the start of the BETA21 branch. 2005-09-26 05:28:27 +00:00
vars.bat.sample Updated "easy-rsa" for OpenSSL 1.0.0 2011-07-01 11:35:43 +02:00

README.txt 

Extract all zip'd files to the OpenVPN home directory,
including the openssl.cnf file from the top-level
"easy-rsa" directory.

First run init-config.bat

Next, edit vars.bat to adapt it to your environment, and
create the directory that will hold your key files.

To generate TLS keys:

Create new empty index and serial files (once only)
1. vars
2. clean-all

Build a CA key (once only)
1. vars
2. build-ca

Build a DH file (for server side, once only)
1. vars
2. build-dh

Build a private key/certficate for the openvpn server
1. vars
2. build-key-server <machine-name>

Build key files in PEM format (for each client machine)
1. vars
2. build-key <machine-name>
   (use <machine name> for specific name within script)

or

Build key files in PKCS #12 format (for each client machine)
1. vars
2. build-key-pkcs12 <machine-name>
   (use <machine name> for specific name within script)

To revoke a TLS certificate and generate a CRL file:
1. vars
2. revoke-full <machine-name>
3. verify last line of output confirms revokation
4. copy crl.pem to server directory and ensure config file uses "crl-verify <crl filename>"