[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] One CA for several OpenVPN installations.

  • Subject: [Openvpn-users] One CA for several OpenVPN installations.
  • From: "Göran Nilsson" <goran.nilsson@xxxxxxxxx>
  • Date: Thu, 22 Mar 2007 21:24:13 +0100

Hi there.
I have several OpenVPN installations working. In the beginning i did a new CA on every installation.
Now i have made a offline box that's acting as a CA for all installations. On this box i create new Server Certificates and new client certificates. However, it just struck me. How do i make sure that just ServerA certificate can get connected to by ClientA .
Isn't this so now, that all clients can connect to any OpenVPN installations that's using this same CA?
I thought i was smart and secure, but I get a iching feeling that this was not so good after all.
Any ideas, thoughts on how to make sure that a "site installation" with generated certificates for server and clients are the only one allowed to connect to each other.
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
Openvpn-users mailing list