mirror of
https://github.com/OpenVPN/openvpn.git
synced 2026-02-03 20:39:40 -05:00
0d80b562e4
This unifies our key generation and also migrates the generation
of the tls-crypt-v2 keys. Since tls-crypt-v2 is not included in any
released version, we remove the the old syntax without compatibility.
PATCH V4: Introduce warning/error when using --secret with --genkey
Update non code usages to use new --genkey syntax
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20190613134834.5709-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18524.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
|
||
|---|---|---|
| .. | ||
| ca.crt | ||
| ca.key | ||
| client-ec.crt | ||
| client-ec.key | ||
| client-pass.key | ||
| client.crt | ||
| client.key | ||
| client.p12 | ||
| dh2048.pem | ||
| gen-sample-keys.sh | ||
| openssl.cnf | ||
| README | ||
| server-ec.crt | ||
| server-ec.key | ||
| server.crt | ||
| server.key | ||
| ta.key | ||
Sample RSA and EC keys.
Run ./gen-sample-keys.sh to generate fresh test keys.
See the examples section of the man page for usage examples.
NOTE: THESE KEYS ARE FOR TESTING PURPOSES ONLY.
DON'T USE THEM FOR ANY REAL WORK BECAUSE
THEY ARE TOTALLY INSECURE!
ca.{crt,key} -- sample CA key/cert
server.{crt,key} -- sample server key/cert
client.{crt,key} -- sample client key/cert
client-pass.key -- sample client key with password-encrypted key
password = "password"
client.p12 -- sample client pkcs12 bundle
password = "password"
client-ec.{crt,key} -- sample elliptic curve client key/cert
server-ec.{crt,key} -- sample elliptic curve server key/cert