You are not logged in.
- Topics: Active | Unanswered
#1 2023-08-20 10:31:31
- hack3rcon
- Member
- Registered: 2019-08-10
- Posts: 11
A question about Easy-RSA
Hello,
When I use ./easyrsa build-ca nopass command, then it asks me Common Name (eg: your user, host, or server name) [Easy-RSA CA]: question, the name that I entered in the question, must be used in the following commands?
# ./easyrsa gen-req NAME nopass
# ./easyrsa sign-req server NAMEOr, I can enter any name, but the name that I enter for the two above commands, must be same.
Which one?
Thank you.
Offline
#2 2023-08-21 06:38:33
- -thc
- Member
- Registered: 2017-03-15
- Posts: 516
Re: A question about Easy-RSA
In case of the "build-ca" command the resulting file names are fixed ("ca.crt", "ca.key").
Further server and client certificates need a filename base of your choosing ("mysrv" -> "mysrv.key", "mysrv.csr", "mysrv.crt") and in your case must be the same - but those are completely independent of the CN of your CA.
There's an EasyRSA Subforum on openvpn.net: https://forums.openvpn.net/viewforum.php?f=31
Offline
#3 2023-08-21 06:48:02
- hack3rcon
- Member
- Registered: 2019-08-10
- Posts: 11
Re: A question about Easy-RSA
In case of the "build-ca" command the resulting file names are fixed ("ca.crt", "ca.key").
Further server and client certificates need a filename base of your choosing ("mysrv" -> "mysrv.key", "mysrv.csr", "mysrv.crt") and in your case must be the same - but those are completely independent of the CN of your CA.
There's an EasyRSA Subforum on openvpn.net: https://forums.openvpn.net/viewforum.php?f=31
Hello,
Thank you so much.
So, the following commands are wrong:
# ./easyrsa gen-req MY_SERVER_1 nopass
# ./easyrsa sign-req server MY_SERVER_2Offline
#4 2023-08-21 06:48:59
- -thc
- Member
- Registered: 2017-03-15
- Posts: 516
Re: A question about Easy-RSA
Yes.
Offline
#5 2023-08-21 06:54:07
- hack3rcon
- Member
- Registered: 2019-08-10
- Posts: 11
Re: A question about Easy-RSA
Yes.
Hello,
Thanks again.
Offline
#6 2023-08-21 07:00:52
- hack3rcon
- Member
- Registered: 2019-08-10
- Posts: 11
Re: A question about Easy-RSA
Hello,
Excuse me, I forgot to ask.
The Common Name (eg: your user, host, or server name) [Easy-RSA CA]: is just a name and it has nothing to do with those commands?
For example:
Common Name (eg: your user, host, or server name) [Easy-RSA CA]: Arch Linux
# ./easyrsa gen-req Arch_Server nopass
# ./easyrsa sign-req server Arch_ServerAre the above values OK?
Offline