OpenVPN users list

headers James Yonan | 1 Oct 2003 01:28

Morten Christensen <mc <at> mc.cx> said:

> I need to protect our VPN-tunnels with passwords because computers at 
> the home-end of our tunnels are used by both our employees and the rest 
> of their families.
> 
> As I cannot find a way to combine static keys with passwords, I have to 
> try to understand the use of TLS Mode and RSA keys.
> 
> I have tried to follow "A Simple Guide to RSA Key Management" and the 
> scripts in easy-rsa. A few things :
> 
> What is an "intermediate certificate authority certificate/key" and what 
> is it to be used for ?

Certificates are typically presented in a chain from the top level certificate
(i.e. root certificate) down to the client/server certificate.  Each
certificate is signed by the certificate above it.  The root certificate
itself is self-signed.  An intermediate certificate is a certificate in the
chain which is below the root but above the client/server certificate.

> The Guide says, that we should never need to copy a .key file between 
> computers , but are there tools to build certificates and keys on 
> windows-pc's ?

Yes, the 'openssl' command can be used (which is included in the OpenVPN
Windows distro).

Bear in mind that the Windows version of OpenVPN as of 1.5-beta8 doesn't yet
have the --askpass option implemented, due to windows not supporting the

Mon	Tue	Wed	Thu	Fri	Sat	Sun

		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

39	May 2013
79	April 2013
112	March 2013
90	February 2013
75	January 2013
47	December 2012
72	November 2012
55	October 2012
54	September 2012
119	August 2012
65	July 2012
57	June 2012
68	May 2012
77	April 2012
90	March 2012
110	February 2012
74	January 2012
85	December 2011
136	November 2011
42	October 2011
78	September 2011
63	August 2011
89	July 2011
85	June 2011
121	May 2011
115	April 2011
108	March 2011
101	February 2011
158	January 2011
104	December 2010
110	November 2010
156	October 2010
207	September 2010
239	August 2010
194	July 2010
229	June 2010
393	May 2010
375	April 2010
348	March 2010
256	February 2010
346	January 2010
271	December 2009
298	November 2009
228	October 2009
285	September 2009
276	August 2009
328	July 2009
160	June 2009
253	May 2009
258	April 2009
349	March 2009
262	February 2009
341	January 2009
329	December 2008
300	November 2008
327	October 2008
441	September 2008
382	August 2008
236	July 2008
305	June 2008
350	May 2008
192	April 2008
356	March 2008
452	February 2008
312	January 2008
263	December 2007
260	November 2007
247	October 2007
264	September 2007
246	August 2007
248	July 2007
248	June 2007
281	May 2007
206	April 2007
253	March 2007
237	February 2007
331	January 2007
235	December 2006
270	November 2006
351	October 2006
268	September 2006
349	August 2006
227	July 2006
396	June 2006
379	May 2006
437	April 2006
544	March 2006
429	February 2006
499	January 2006
486	December 2005
377	November 2005
413	October 2005
389	September 2005
416	August 2005
387	July 2005
419	June 2005
492	May 2005
559	April 2005
746	March 2005
690	February 2005
632	January 2005
705	December 2004
669	November 2004
800	October 2004
681	September 2004
611	August 2004
532	July 2004
540	June 2004
415	May 2004
239	April 2004
451	March 2004
287	February 2004
254	January 2004
129	December 2003
198	November 2003
235	October 2003
155	September 2003
152	August 2003
29	July 2003
42	June 2003
73	May 2003
16	April 2003
11	March 2003
20	February 2003
4	January 2003

Re: Understanding TLS Mode and RSA key management

RE: OpenVPN 1.5-beta8 released

OpenSSL Security Advisory [30 September 2003]

OpenSSL Security Advisory [30 September 2003]

Re: Understanding TLS Mode and RSA key management

share error..

RE: share error..

share error..

Re: share error..

Re: OpenVPN 1.5-beta8 released