-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
Edit openssl.conf to fit with your requirments then follow these steps: Create a CA: #openssl genrsa -des3 -out ca.key 1024 #openssl req -new -x509 -days 365 -key ca.key -out ca.crt Then you can create certs like this: #openssl genrsa -out user.key 1024 #openssl req -new -key user.key -out user.csr #openssl x509 -req -days 182 -in user.csr -CA ca.crt -CAkey ca.key - -CAcreateserial -out user.crt You can export to pkcs12 using: #openssl pkcs12 -export -inkey user.key -certfile ca.crt -in user.crt - -out user.p12 Check man openssl to know the meaning of each options. Good Luck. Alexandre Verriere. Harald Dunkel a icrit : > If you are looking for some GUI to manage keys and > certificates, then you should consider TinyCA . Its > in the packages. > > To setup OpenVPN (including all that certificate stuff) > this page might help: > > http://www.kernel-panic.it/openbsd/vpn/index.html > > > Good luck > > Harri iQEcBAEBAgAGBQJJh/5cAAoJEFtprSOdqQjsk4oIALJ+SdY7x+xT1KHpWVCdkLR9 2lyCt9ovAyERf0fTCpZElSAiU8gxhqF0koXEZFo21/Qvex7hs9tjSlF1wR/by6jE Gd5uJbElhWeuu2kw6tA+Yi2niq32FXu/O+FISokUq4JUH4mmoFdvY8ZzYlTtE5yl LrpESuZ9OYby9sBtVbRjUgfTEmLOMnlTXG006VKv0ZroQX4WmZWJIN0AgJJmnJIU b2O390qyejn0DrQxqz6TpXGK+O1IPCsycs1D9iFJdYqFIz8wxsl+f5HuHTUuFFuY TFuIXyA9F+Zc2bAmlFrYeomRREeGrk4pgzORffgk9oY6BASCb4w2xgOqr4ATvuY= =i37R -----END PGP SIGNATURE-----
