Skopiować i poprawić katalog oraz domyślne wartości dla ssl.cnfCA.pl -newca CA.pl -server CA.pl -client CA.pl -crl
#!/bin/bash openssl dhparam -out ./vpn.pbs.corp-dh2048.pem 2048 openvpn --genkey --secret ./vpn.pbs.corp.secret.key
Cannot open TUN/TAP dev /dev/tun0: No such file or directory (errno=2) #mkdir -p /dev/net #mknod /dev/net/tun c 10 200 #chmod 600 /dev/net/tun #cat /dev/net/tun apt-get install udev
http://www.openssl.org/docs/apps/CA.pl.html
DSA CERTIFICATESAlthough the CA.pl creates RSA CAs and requests it is still possible to use it with DSA certificates and requests using the req(1) command directly. The following example shows the steps that would typically be taken.Create some DSA parameters: openssl dsaparam -out dsap.pem 1024Create a DSA CA certificate and private key: openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pemCreate the CA directories and files: CA.pl -newcaenter cacert.pem when prompted for the CA file name.Create a DSA certificate request and private key (a different set of parameters can optionally be created first): openssl req -out newreq.pem -newkey dsa:dsap.pemSign the request: CA.pl -signreq