http://wiki.cabal.mx/index.php?title=OpenVPN-2.1.1HowTo/Crear_los_Certificados_del_Servidor&feed=atom&action=historyOpenVPN-2.1.1HowTo/Crear los Certificados del Servidor - Historial de revisiones2024-03-28T15:10:48ZHistorial de revisiones para esta página en el wikiMediaWiki 1.32.1http://wiki.cabal.mx/index.php?title=OpenVPN-2.1.1HowTo/Crear_los_Certificados_del_Servidor&diff=4397&oldid=prevRrc en 12:46 6 nov 20122012-11-06T12:46:33Z<p></p>
<p><b>Página nueva</b></p><div>__NOTOC__<br />
* [[:#Crear los Certificados del Servidor | Crear los Certificados del Servidor]]<br />
** [[:#Explicación | Explicación]]<br />
<br />
== Crear los Certificados del Servidor ==<br />
<pre><br />
[root@charon 2.0]# ./build-key-server charon.linuxcabal.org<br />
Generating a 1024 bit RSA private key<br />
.....................................++++++<br />
..................................++++++<br />
writing new private key to 'charon.linuxcabal.org.key'<br />
-----<br />
You are about to be asked to enter information that will be incorporated<br />
into your certificate request.<br />
What you are about to enter is what is called a Distinguished Name or a DN.<br />
There are quite a few fields but you can leave some blank<br />
For some fields there will be a default value,<br />
If you enter '.', the field will be left blank.<br />
-----<br />
Country Name (2 letter code) [MX]:<br />
State or Province Name (full name) [Jalisco]:<br />
Locality Name (eg, city) [Guadalajara]:<br />
Organization Name (eg, company) [LinuxCabal A.C.]:<br />
Organizational Unit Name (eg, section) []:Tutorial<br />
Common Name (eg, your name or your server's hostname) [charon.linuxcabal.org]:<br />
Name []:rrc<br />
Email Address [rrc@LinuxCabal.org]:<br />
<br />
Please enter the following 'extra' attributes<br />
to be sent with your certificate request<br />
A challenge password []:<br />
An optional company name []:<br />
Using configuration from /usr/share/openvpn/easy-rsa/2.0/openssl.cnf<br />
Check that the request matches the signature<br />
Signature ok<br />
The Subject's Distinguished Name is as follows<br />
countryName :PRINTABLE:'MX'<br />
stateOrProvinceName :PRINTABLE:'Jalisco'<br />
localityName :PRINTABLE:'Guadalajara'<br />
organizationName :PRINTABLE:'LinuxCabal A.C.'<br />
organizationalUnitName:PRINTABLE:'Tutorial'<br />
commonName :PRINTABLE:'charon.linuxcabal.org'<br />
name :PRINTABLE:'rrc'<br />
emailAddress :IA5STRING:'rrc@LinuxCabal.org'<br />
Certificate is to be certified until Oct 17 21:57:27 2013 GMT (365 days)<br />
Sign the certificate? [y/n]:y<br />
<br />
<br />
1 out of 1 certificate requests certified, commit? [y/n]y<br />
Write out database with 1 new entries<br />
Data Base Updated<br />
[root@charon 2.0]# <br />
</pre><br />
<pre><br />
[root@charon 2.0]# ls -al keys<br />
total 60<br />
drwxr-xr-x 2 root root 4096 2012-10-17 16:57 ./<br />
drwxr-xr-x 3 root root 4096 2012-10-17 16:03 ../<br />
-rw-r--r-- 1 root root 4238 2012-10-17 16:57 00.pem<br />
-rw-r--r-- 1 root root 1452 2012-10-17 16:35 ca.crt<br />
-rw------- 1 root root 916 2012-10-17 16:35 ca.key<br />
-rw-r--r-- 1 root root 4238 2012-10-17 16:57 charon.linuxcabal.org.crt<br />
-rw-r--r-- 1 root root 753 2012-10-17 16:57 charon.linuxcabal.org.csr<br />
-rw------- 1 root root 912 2012-10-17 16:57 charon.linuxcabal.org.key<br />
-rw-r--r-- 1 root root 245 2012-10-17 16:05 dh1024.pem<br />
-rw-r--r-- 1 root root 155 2012-10-17 16:57 index.txt<br />
-rw-r--r-- 1 root root 21 2012-10-17 16:57 index.txt.attr<br />
-rw-r--r-- 1 root root 0 2012-10-17 15:27 index.txt.old<br />
-rw-r--r-- 1 root root 3 2012-10-17 16:57 serial<br />
-rw-r--r-- 1 root root 3 2012-10-17 15:25 serial.old<br />
[root@charon 2.0]# <br />
</pre><br />
<pre><br />
[root@charon 2.0]# cat keys/index.txt<br />
V 131017215727Z 00 unknown /C=MX/ST=Jalisco/L=Guadalajara/O=LinuxCabal A.C./OU=Tutorial/CN=charon.linuxcabal.org/name=rrc/emailAddress=rrc@LinuxCabal.org<br />
[root@charon 2.0]# <br />
</pre><br />
<pre><br />
[root@charon 2.0]# cat keys/index.txt.attr<br />
unique_subject = yes<br />
[root@charon 2.0]# <br />
</pre><br />
<pre><br />
[root@charon 2.0]# cat keys/serial<br />
01<br />
[root@charon 2.0]# <br />
</pre><br />
<pre><br />
[root@charon 2.0]# rm keys/charon.linuxcabal.org.csr <br />
rm: remove regular file `keys/charon.linuxcabal.org.csr'? y<br />
[root@charon 2.0]# <br />
</pre><br />
<br />
=== Explicación ===<br />
<br />
[[Category:OpenVPN-2.1.1HowTo]]</div>Rrc