Advertisement
Guest User

Untitled

a guest
Jun 6th, 2023
221
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.71 KB | None | 0 0
  1. cd /etc/ipsec.d/
  2. ipsec pki --gen --type rsa --size 4096 --outform pem > private/strongswanKey.pem
  3. chmod 600 private/strongswanKey.pem
  4. ipsec pki --self --ca --lifetime 3650 --in private/strongswanKey.pem --type rsa --dn "C=US, O=VPN Server, CN=VPN Server Root CA" --outform pem > cacerts/strongswanCert.pem
  5. ipsec pki --gen --type rsa --size 4096 --outform pem > private/vpnHostKey.pem
  6. chmod 600 private/vpnHostKey.pem
  7. ipsec pki --pub --in private/vpnHostKey.pem --type rsa | ipsec pki --issue --lifetime 1825 --cacert cacerts/strongswanCert.pem --cakey private/strongswanKey.pem --dn "C=US, O=VPN Server, CN=vpn.example.com" --san vpn.example.com --flag serverAuth --flag ikeIntermediate --outform pem > certs/vpnHostCert.pem
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement