What's new

tutorial OCSERV OPENCONNECT SERVER INSTALLATION (PART 2)

ah nou nhy mou

Moderator
Staff member
Moderator
Established
Awards
2
  • SikatPInoy Staff
  • medal 1
Now you will be in the vi editor where you can insert content after pressing the “insert” key. Just paste the following content to the ca.tmpl file. Save and quit the vi editor using the keys Esc:wq

cn = “VPN CA”
organization = “Low End Box”
serial = 1
expiration_days = 3650
ca
signing_key
cert_signing_key
crl_signing_key

Please note that you can change the cn and organization values with any value that you wish.

Once done, run the following command to generate a private key

sudo certtool –generate-privkey –outfile ca-key.pem

Now, generate a self-signed certificate using the following command

sudo certtool –generate-self-signed –load-privkey ca-key.pem \
–template ca.tmpl –outfile ca-cert.pem

generating self signed certificate

Now you need to create a new file named server.tmpl on the current directory using the following command

sudo vi server.tmpl

Insert the following data into the server.tmpl file after changing the cn value with your domain name or IP address. I have used my server IP address 104.236.38.188 in the example

cn = “104.236.38.188”
organization = “Low End Box”
expiration_days = 3650
signing_key
encryption_key
tls_www_server

Once you paste the values to the file, save and quite from the vi editor

Now create a private key for generating server certificate by using the following command

sudo certtool –generate-privkey –outfile server-key.pem

Create a server certificate by utilising the private key generated in the next step. Just use the below command in the putty box

sudo certtool –generate-certificate –load-privkey server-key.pem \
–load-ca-certificate ca-cert.pem –load-ca-privkey ca-key.pem \
–template server.tmpl –outfile server-cert.pem
 
Top