#HOW TO INSTALL OPENVPN ON CENTOS 7 GENERATOR#
Generating DH parameters, 2048 bit long safe prime, generator 2 Next, run commands to initialise and build your CA files and generate Diffie-Hellman parameters under easy-rsa 3. Your new CA certificate file for publishing is at: If you enter '.', the field will be left blank.Ĭommon Name (eg: your user, host, or server name) :serverĬA creation complete and you may now import and sign cert requests. There are quite a few fields but you can leave some blankįor some fields there will be a default value, What you are about to enter is what is called a Distinguished Name or a DN. You are about to be asked to enter information that will be incorporated Writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.docNHm1tdU' You will need to enter this password any time you sign a certificate request for a server or client certificate: easy-rsa]#. You will be prompted for a password to use for your CA key along with some organisational information. The build-ca sub command first generates a Certificate Signing Request (CSR) under easy-rsa 3, and subsequently self-signs that request. Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki Init-pki complete you may now create a CA or requests. In this case, the initialisation process cleans out the contents of the pki directory under easy-rsa 3, and creates the private and reqs subdirectories. We will copy these files to our custom directory /etc/openvpn/easy-rsa/ 3.0.3]# cp -rf * 3.0.3]# cd easy-rsa]# ls -l