加入收藏 | 设为首页 | 会员中心 | 我要投稿 济南站长网 (https://www.0531zz.com/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 服务器 > 搭建环境 > Linux > 正文

教你在Centos 6.3下利用openvpn部署远程VPN服务

发布时间:2016-09-08 12:36:05 所属栏目:Linux 来源:站长网
导读:今天看到群里有人提到openvpn,刚好放假在家,就顺带的研究了下。 2年前自己还是小白的时候就在老单位连总部OA时用过openvpn这个客户端,感觉还挺好用,而且觉

注:也就是如果执行./clean-all,就会清空/etc/openvpn/easy-rsa/easy-rsa/2.0/keys下所有文件

开始配置证书:

1.清空原有证书:

# ./clean-all

注:下面这个命令在第一次安装时可以运行,以后在添加完客户端后慎用,因为这个命令会清除所有已经生成的证书密钥,和上面的提示对应

2.生成服务器端ca证书

# ./build-ca

注:由于之前做过缺省配置,这里一路回车即可

3.生成服务器端密钥证书, 后面这个openvpn.example.com就是服务器名,也可以自定义

# ./build-key-server openvpn.example.com

---------------------------

Generating a 2048 bit RSA private key

...................................................+++

..................................+++

writing new private key to 'openvpn.example.com.key'

-----

You are about to be asked to enter information that will be

incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or

a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [CN]:

State or Province Name (full name) [SX]:

Locality Name (eg, city) [Xian]:

Organization Name (eg, company) [example]:

Organizational Unit Name (eg, section) []:

Common Name (eg, your name or your server's hostname)

[openvpn.example.com]:

Name [EasyRSA]:

Email Address [user01@example.com]:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:123456

An optional company name []:example

Using configuration from /etc/openvpn/easy-rsa/easy-rsa/2.0/openssl-1.0.0.cnf

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName           :PRINTABLE:'CN'

stateOrProvinceName   :PRINTABLE:'SX'

localityName          :PRINTABLE:'Xian'

organizationName      :PRINTABLE:'example'

commonName            :PRINTABLE:'openvpn.example.com'

name                  :PRINTABLE:'EasyRSA'

emailAddress          :IA5STRING:'user01@example.com'

Certificate is to be certified until Jun 10 21:58:49 2023 GMT (3650 days)

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y

Write out database with 1 new entries

Data Base Updated

---------------------------

(编辑:济南站长网)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
相关内容
    推荐文章
    站长推荐
    热点阅读

      【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

      建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的最佳浏览效果

      Copygight © 2008-2022 https://www.0531zz.com/ All Rights Reserved. 济南站长网