Changes between Version 6 and Version 7 of EasyRSA3-OpenVPN-Howto
- Timestamp:
- 11/30/13 22:29:06 (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
EasyRSA3-OpenVPN-Howto
v6 v7 9 9 == Separate CA system procedure == 10 10 11 Pick a locationfor the CA and each entity that will be assigned certs. All keypair/request generation should occur on the target system that will use them; put another way, generate your client & server requests/keys on each system for best security.11 Pick locations for the CA and each entity that will be assigned certs. All keypair/request generation should occur on the target system that will use them; put another way, generate your client & server requests/keys on each system for best security. 12 12 13 13 You will end up with the following locations used in the steps below: 14 14 15 15 CA:: your secured CA environment 16 entity:: each client and server has their own, separate environment 16 entity:: each client and server has their own, separate environment; this will usually include at least 2 locations, one for the server and another for your client (on their respective machines.) 17 17 18 18 1. On the CA, start a new PKI and build a CA keypair/cert: