|
|
Hello list, Can somebody explain to me (and the rest of the list, if interested) if the use of pkcs12 certificates is better or not better / safer /handier / better manageable as the ca, cert and key directives in the openvpn configuration files ? I understand it so far: You can convert a existing key pair to a (binary) pkcs12 certificate, where the pkcs12 combines the ca, crt and key in one file. I've got this from the openvpn man page: --pkcs12 file Specify a PKCS #12 file containing local private key, local certificate, and root CA certificate. This option can be used instead of --ca, --cert, and --key. If you passwd protect the exported key, the whole pkcs12 key is encrypted with that passwd. Is this passwd similar to passwd protected key of the build-key-pass script? Can the pkcs12 passwd changed in the same way as a normal key can be done? I red somewhere that you can't change the export passwd of pkcs12 key. I hope somebody can some light on this. Regards, John Knappers The Netherlands ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |