|
|
Morten Christensen wrote in mail, at 30-09-2003 23:29:
I need to protect our VPN-tunnels with passwords because computers at
the home-end of our tunnels are used by both our employees and the rest
of their families.
As I cannot find a way to combine static keys with passwords, I have to
try to understand the use of TLS Mode and RSA keys.
The ca.crt file from the certificate authority must be on the
client-computer at home/on the road to make the tunnel.
When a new key is signed, is the "openssl ca" command then using the
ca.crt or the ca.key file ?
If the ca.crt file is used, then everybody with physical access to the
client computer at home/on the road can make new keys without passwords
and get access to the tls-server at the office ?
--
mvh
Morten Christensen
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|