|
|
Hi Drew Boone schrieb: > On Mar 3, 2007, at 2:55 AM, Erich Titl wrote: .. >>> >> Unless you change the CA cert, no > > So, the next obvious question is... How would I create additional > keys? I have looked through this mailing list's archive and the > howto's for openvpn and haven't found any details on this. You obviously created certificates to start with, just continue. I hope you saved your easy_rsa files. Most of the time I am _not_ using easy_rsa but another interface to openssl. There have been multiple references to your problem in the list lately. Basically you need to just rerun build_key_whatever for another certificate. I _believe_ you have to reread the parameters in order to have the same ca environment as before. The parameters are kept in the vars file, so you have to call . ./vars > >>> 2. Is it possible to create additional client keys in future >>> without starting from scratch? >>> >> Sure >>> 3. How is the ca.key accessed by OpenVPN, it doesn't seem to be >>> referenced in the config files I have looked at. >>> >> Without seeing the config anyone can just guess > > I guess I was vague here. One could read what I wrote to mean, "I > haven't found a reference to ca.key in the config files on my > server". This is certainly true. However, I haven't found reference > to the ca.key in the sample config files on the openvpn website > either. So, if the ca.key file is not referenced in the config file, > generally speaking, how does OpenVPN make use of this file? It could be inside a pkcs12 file if you are using those. Erich ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |