Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- cd /etc/ipsec.d/
- ipsec pki --gen --type rsa --size 4096 --outform pem > private/strongswanKey.pem
- chmod 600 private/strongswanKey.pem
- ipsec pki --self --ca --lifetime 3650 --in private/strongswanKey.pem --type rsa --dn "C=US, O=VPN Server, CN=VPN Server Root CA" --outform pem > cacerts/strongswanCert.pem
- ipsec pki --gen --type rsa --size 4096 --outform pem > private/vpnHostKey.pem
- chmod 600 private/vpnHostKey.pem
- ipsec pki --pub --in private/vpnHostKey.pem --type rsa | ipsec pki --issue --lifetime 1825 --cacert cacerts/strongswanCert.pem --cakey private/strongswanKey.pem --dn "C=US, O=VPN Server, CN=vpn.example.com" --san vpn.example.com --flag serverAuth --flag ikeIntermediate --outform pem > certs/vpnHostCert.pem
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement