OpenVPN-2.1.1HowTo/Crear los Certificados del Servidor
Ir a la navegación
Ir a la búsqueda
Crear los Certificados del Servidor
[root@charon 2.0]# ./build-key-server charon.linuxcabal.org Generating a 1024 bit RSA private key .....................................++++++ ..................................++++++ writing new private key to 'charon.linuxcabal.org.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [MX]: State or Province Name (full name) [Jalisco]: Locality Name (eg, city) [Guadalajara]: Organization Name (eg, company) [LinuxCabal A.C.]: Organizational Unit Name (eg, section) []:Tutorial Common Name (eg, your name or your server's hostname) [charon.linuxcabal.org]: Name []:rrc Email Address [rrc@LinuxCabal.org]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from /usr/share/openvpn/easy-rsa/2.0/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'MX' stateOrProvinceName :PRINTABLE:'Jalisco' localityName :PRINTABLE:'Guadalajara' organizationName :PRINTABLE:'LinuxCabal A.C.' organizationalUnitName:PRINTABLE:'Tutorial' commonName :PRINTABLE:'charon.linuxcabal.org' name :PRINTABLE:'rrc' emailAddress :IA5STRING:'rrc@LinuxCabal.org' Certificate is to be certified until Oct 17 21:57:27 2013 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated [root@charon 2.0]#
[root@charon 2.0]# ls -al keys total 60 drwxr-xr-x 2 root root 4096 2012-10-17 16:57 ./ drwxr-xr-x 3 root root 4096 2012-10-17 16:03 ../ -rw-r--r-- 1 root root 4238 2012-10-17 16:57 00.pem -rw-r--r-- 1 root root 1452 2012-10-17 16:35 ca.crt -rw------- 1 root root 916 2012-10-17 16:35 ca.key -rw-r--r-- 1 root root 4238 2012-10-17 16:57 charon.linuxcabal.org.crt -rw-r--r-- 1 root root 753 2012-10-17 16:57 charon.linuxcabal.org.csr -rw------- 1 root root 912 2012-10-17 16:57 charon.linuxcabal.org.key -rw-r--r-- 1 root root 245 2012-10-17 16:05 dh1024.pem -rw-r--r-- 1 root root 155 2012-10-17 16:57 index.txt -rw-r--r-- 1 root root 21 2012-10-17 16:57 index.txt.attr -rw-r--r-- 1 root root 0 2012-10-17 15:27 index.txt.old -rw-r--r-- 1 root root 3 2012-10-17 16:57 serial -rw-r--r-- 1 root root 3 2012-10-17 15:25 serial.old [root@charon 2.0]#
[root@charon 2.0]# cat keys/index.txt V 131017215727Z 00 unknown /C=MX/ST=Jalisco/L=Guadalajara/O=LinuxCabal A.C./OU=Tutorial/CN=charon.linuxcabal.org/name=rrc/emailAddress=rrc@LinuxCabal.org [root@charon 2.0]#
[root@charon 2.0]# cat keys/index.txt.attr unique_subject = yes [root@charon 2.0]#
[root@charon 2.0]# cat keys/serial 01 [root@charon 2.0]#
[root@charon 2.0]# rm keys/charon.linuxcabal.org.csr rm: remove regular file `keys/charon.linuxcabal.org.csr'? y [root@charon 2.0]#
