Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- cat << EOF > openssl.conf
- [ req ]
- req_extensions = v3_req
- distinguished_name = req_distinguished_name
- hash = sha256
- prompt = no
- [ req_distinguished_name ]
- countryName = FR
- localityName = Paris
- commonName = ca.openvpn.com
- [ v3_req ]
- basicConstraints = CA:TRUE
- EOF
- cat << EOF > openssl.conf
- [ req ]
- req_extensions = v3_req
- distinguished_name = req_distinguished_name
- hash = sha256
- prompt = no
- [ req_distinguished_name ]
- countryName = FR
- localityName = Paris
- commonName = ca.openvpn.com
- [ v3_req ]
- basicConstraints = CA:TRUE
- EOF
- cat << EOF > openssl_client.conf
- [ req ]
- req_extensions = v3_req
- distinguished_name = req_distinguished_name
- hash = sha256
- prompt = no
- [ req_distinguished_name ]
- countryName = FR
- localityName = Paris
- commonName = client.openvpn.com
- [ v3_req ]
- basicConstraints = CA:FALSE
- EOF
- cat << EOF > openssl_client.conf
- [ req ]
- req_extensions = v3_req
- distinguished_name = req_distinguished_name
- hash = sha256
- prompt = no
- [ req_distinguished_name ]
- countryName = FR
- localityName = Paris
- commonName = client.openvpn.com
- [ v3_req ]
- basicConstraints = CA:FALSE
- EOF
- cat << EOF > openssl_server.conf
- [ req ]
- req_extensions = v3_req
- distinguished_name = req_distinguished_name
- hash = sha256
- prompt = no
- [ req_distinguished_name ]
- countryName = FR
- localityName = Paris
- commonName = server.openvpn.com
- [ v3_req ]
- basicConstraints = CA:FALSE
- EOF
- #DH
- openssl dhparam -out dh.pem 2048
- #CA
- openssl req -config openssl.conf -x509 -nodes -days 365 -newkey rsa:4096 -keyout ca.key -out ca.crt
- #Server
- openssl req -config openssl_server.conf -nodes -new -newkey rsa:4096 -out server.csr -keyout server.key
- openssl x509 -req -in server.csr -out server.crt -CA ca.crt -CAkey ca.key -CAcreateserial -CAserial ca.srl
- #Client
- openssl req -config openssl_client.conf -nodes -new -newkey rsa:4096 -out client.csr -keyout client.key
- openssl x509 -req -in client.csr -out client.crt -CA ca.crt -CAkey ca.key
- openssl x509 -in client.crt -text
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement