[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] One CA for several OpenVPN installations.


  • Subject: [Openvpn-users] One CA for several OpenVPN installations.
  • From: "Göran Nilsson" <goran.nilsson@xxxxxxxxx>
  • Date: Thu, 22 Mar 2007 21:24:13 +0100

Hi there.
I have several OpenVPN installations working. In the beginning i did a new CA on every installation.
Now i have made a offline box that's acting as a CA for all installations. On this box i create new Server Certificates and new client certificates. However, it just struck me. How do i make sure that just ServerA certificate can get connected to by ClientA .
Isn't this so now, that all clients can connect to any OpenVPN installations that's using this same CA?
I thought i was smart and secure, but I get a iching feeling that this was not so good after all.
 
Any ideas, thoughts on how to make sure that a "site installation" with generated certificates for server and clients are the only one allowed to connect to each other.
 
/Goran
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users