[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Client-local PKCS#10 CSR generation

  • Subject: Re: [Openvpn-users] Client-local PKCS#10 CSR generation
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Sat, 07 Jul 2007 10:23:23 +0200


Etienne V. Depasquale wrote:
> Thanks for the point made regarding separating the VPN server from the CA.
> However, I don't see how using a RoCA as a stand-alone CA will help
> (admitting that I haven't used it yet!); is there a client part to RoCA that
> the end-user can run on his computer to generate the CSR? That's the core
> problem. If this is the case, I would have preferred to avoid introducing
> the end-user to a second item of software.
I see, building a certificate request does not meed much, Your clients
can of course build their own keys and certificate requests which you
can then import to whatever CA you like for signng.

OpenVPN mailing lists