|
|
Some more digging has shown that the tarball source versions of OpenVPN 2.1_rc4 includes such goodies as the build-req script - which is basically a wrapper script around pkitool, the kind of tool that I need to generate the CSR. The CSR can then be handed to the OpenVPN administrator for signing at the CA. This is the functionality I need. However, there appears to be no equivalent tool in the Windows installer version. Can anyone corroborate this statement? Cheers, Etienne -----Original Message----- From: Erich Titl [mailto:erich.titl@xxxxxxxx] Sent: 07 July 2007 10:23 To: evdepa@xxxxxxxxxxxxx Cc: OpenVPN Subject: Re: [Openvpn-users] Client-local PKCS#10 CSR generation Etienne Etienne V. Depasquale wrote: > Thanks for the point made regarding separating the VPN server from the CA. > > However, I don't see how using a RoCA as a stand-alone CA will help > (admitting that I haven't used it yet!); is there a client part to RoCA that > the end-user can run on his computer to generate the CSR? That's the core > problem. If this is the case, I would have preferred to avoid introducing > the end-user to a second item of software. > I see, building a certificate request does not meed much, Your clients can of course build their own keys and certificate requests which you can then import to whatever CA you like for signng. cheers Erich No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.476 / Virus Database: 269.10.2/891 - Release Date: 08/07/2007 18:32 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.476 / Virus Database: 269.10.2/891 - Release Date: 08/07/2007 18:32 ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |