|
|
Matthew Wilson wrote: > On Fri Sep 14 15:14:18 2007, Marco Fretz wrote: > >> hi >> >> yes they can use easy-rsa to create ther key and a crs (certification >> sign request) on their own host. then they send u this csr (possible >> over insecure line) and u sing this key with ur CA (with easy-rsa). >> after this u send them the ca and the signed cert file back (possible >> over a insecure line, too). >> >> rember, only keys have to be keept private. csr, ca.cert, etc. have >> not to be private. (correct me if im wrong pls!) >> >> and thanks to openvpn =), easy-rsa is available in the windows and >> the linux package / installer.... >> >> kind regards >> marco >> > > How do I use easy-rsa to do the certification sign request? > > Thanks for the help! > > Matt > > read the how-to's on openvpn.net =) http://openvpn.net/easyrsa.html especially section "BUILD A CERTIFICATE SIGNING REQUEST" and "SIGN A CERTIFICATE SIGNING REQUEST", but of corse u need the steps before, too... u need to build the CSR on the client and u sign the CSR on the server (where u have the CA.key and cert) marco ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |