[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] distributing keys

  • Subject: Re: [Openvpn-users] distributing keys
  • From: "Dave" <dev@xxxxxxxxxxxxxx>
  • Date: Mon, 13 Aug 2007 19:54:19 -0500
  • Importance: Normal

> You can sign that csr with openssl on the command line.  I 
> cannot recall the command offhand, but I think it goes something like:
> openssl x509 -CA (file) -CAkey (key) -req (csr filename)
> But you'll definitely want to look up the correct syntax on the web.

I misspoke, the command to sign CSRs is more in the for of:

openssl ca -cert ca.crt -keyfile ca.key -days 3650 -in something.csr -out

With a myriad of other options that have relevance.  (I should probably
amend my reply to your email before the wrath of god cometh down upon my
head for misspeaking).

Also I see that there is a script in easy-rsa


That looks like it can sign CSRs created outside of the easy-rsa build-key


Openvpn-users mailing list