mirror of
https://github.com/OpenVPN/openvpn.git
synced 2025-10-15 12:17:38 +08:00
6fbf66fad3
It includes the --topology feature, and TAP-Win32 driver changes to allow non-admin access. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
Extract all zip'd files to the OpenVPN home directory, including the openssl.cnf file from the top-level "easy-rsa" directory. First run init-config.bat Next, edit vars.bat to adapt it to your environment, and create the directory that will hold your key files. To generate TLS keys: Create new empty index and serial files (once only) 1. vars 2. clean-all Build a CA key (once only) 1. vars 2. build-ca Build a DH file (for server side, once only) 1. vars 2. build-dh Build a private key/certficate for the openvpn server 1. vars 2. build-key-server <machine-name> Build key files in PEM format (for each client machine) 1. vars 2. build-key <machine-name> (use <machine name> for specific name within script) or Build key files in PKCS #12 format (for each client machine) 1. vars 2. build-key-pkcs12 <machine-name> (use <machine name> for specific name within script) To revoke a TLS certificate and generate a CRL file: 1. vars 2. revoke-full <machine-name> 3. verify last line of output confirms revokation 4. copy crl.pem to server directory and ensure config file uses "crl-verify <crl filename>"