|
|
|
Hi there.
I have several OpenVPN installations working. In the beginning i did a new CA on every installation.
Now i have made a offline box that's acting as a CA for all installations. On this box i create new Server Certificates and new client certificates. However, it just struck me. How do i make sure that just ServerA certificate can get connected to by ClientA .
Isn't this so now, that all clients can connect to any OpenVPN installations that's using this same CA?
I thought i was smart and secure, but I get a iching feeling that this was not so good after all.
Any ideas, thoughts on how to make sure that a "site installation" with generated certificates for server and clients are the only one allowed to connect to each other.
/Goran
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |