如安在linux上实现Openvpn
发布时间:2016-10-31 17:44:00 所属栏目:Linux 来源:站长网
导读:副标题#e# 一,OpenVPN的工作原理 VPN技术通过密钥交换、封装、认证、加密手段在公共网络上建立起私密的隧道,保障传输数据的完整性、私密性和有效性。OpenVPN是近年来新出现的开放源码项目,实现了SSLVPN的一种解决方案。 传统SSL VPN通过端口代理的方法实
|
2.3建立根证书 [root@test1 2.0]# ./build-ca Generating a 1024 bit RSA private key ..++++++ .....................................................++++++ writing new private key to 'ca.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]:CN State or Province Name (full name) [HB]:HUB Locality Name (eg, city) [WH]:WH Organization Name (eg, company) [test.com]:test.com Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [test.com CA]:test1.test.com Name []: Email Address [root@localhost]: 2.4生成服务器端密钥key, 后面这个server-name就是服务器名,可以自定义 [root@test1 2.0]# ./build-key-server test1.test.com Generating a 1024 bit RSA private key .......................................++++++ ..........................++++++ writing new private key to 'test1.test.com.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]:CN State or Province Name (full name) [HB]:HB Locality Name (eg, city) [WH]:WH Organization Name (eg, company) [test.com]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [test1.test.com]: Name []: Email Address [root@localhost]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456 An optional company name []: Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'CN' stateOrProvinceName :PRINTABLE:'HB' localityName :PRINTABLE:'WH' organizationName :PRINTABLE:'test.com' commonName :PRINTABLE:'test1.test.com' emailAddress :IA5STRING:'root@localhost' Certificate is to be certified until Oct 6 03:30:01 2023 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated (编辑:常州站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
