[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] certificates ?easy rsa ++ PKCS#12

  • Subject: Re: [Openvpn-users] certificates ?easy rsa ++ PKCS#12
  • From: "Dave" <dev@xxxxxxxxxxxxxx>
  • Date: Fri, 2 Nov 2007 08:38:06 -0500
  • Importance: Normal

> Hi
> I have an exisiting server fc6 with hand configured openvpn 
> and certificates created using easy-rsa ... I would like 
> migrate to the new Endian Firewall, which is using PKCS#12 
> certificates. How should I go about this ?? Is there a 
> difference in the security between easy-rsa generated 
> certificates and PKCS#12 certificates... what are the 
> differences in the configuration on of openvpn between these 
> certificates ?
Pkcs12 is a container format, the certificates themselves are fundamentally
the same.  It's a little more convenient because you can package the cert,
cert chain, and private key together.

You can convert the PEM-encoded files into a PKCS12 file with the openssl
command line utility.  I believe the following will work:

openssl pkcs12 -export -chain -in client.crt -inkey client.key -CAfile
ca.crt -out client.p12

Obviously replacing the filenames with what is relevant for you.


Openvpn-users mailing list