O'Reilly logo

OpenVPN Cookbook - Second Edition by Jan Just Keijser

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4.  PKI, Certificates, and OpenSSL

In this chapter, we will cover:

  • Certificate generation
  • OpenSSL tricks: x509, pkcs12, verify output
  • Revoking certificates
  • The use of CRLs
  • Checking expired/revoked certificates
  • Intermediary CAs
  • Multiple CAs: stacking, using the capath directive
  • Determining which crypto library is used
  • Crypto features of OpenSSL and PolarSSL
  • Pushing ciphers
  • Elliptic curve support

Introduction

This chapter is a small detour into the public key infrastructures (PKIs), certificates, and openssl commands. The primary purpose of the recipes in this chapter is to show how the certificates, which are used in OpenVPN, can be generated, managed, viewed, and what kind of interactions exist between OpenSSL and OpenVPN.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required