OpenVPN

Creating the certificates with openssl for windows

openssl for windows 1.0.0e comments

  • after install copy openssl.cfg to openssl.conf and create the directory c:\usr\local\ssl** and copy the openssl.cfg to a file called openssl.cnf in that directory (seems like in different places different developers assume different naming and/or placing of the same config file)
  • or use the -config openssl.cfg parameter to force the configuration file

openwrt wiki certificate creation seems messed up the correct order would be (using the unfortunate configuration location openssl for windows)

  • certificate authority private key : openssl genrsa -des3 -out ca.key 1024
  • certificate authority certificate : openssl req -config openssl.conf -new -x509 -days 1001 -key ca.key -out ca.crt
  • certificate signing request and private key for server : openssl req -config openssl.cfg -new -newkey rsa:1024 -out servercsr.pem -nodes -keyout serverkey.pem -days 99999
  • signed server certificate by certificate authority : openssl ca -cert ca.crt -keyfile ca.key -out server.crt -in servercsr.pem
  • certificate signing request and private key for client : openssl req -newkey rsa:1024 -out clientcsr.pem -nodes -keyout clientkey.pem -days 99999
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-Share Alike 2.5 License.