![]() ![]() ![]() certificate sign server ca="CA" name="server" certificate add name=server country="RO" state="RO" locality="Bucharest" organization="home" unit="mk" common-name="server" key-size=4096 days-valid=3650 key-usage=digital-signature,key-encipherment,tls-server ![]() certificate sign CA ca-crl-host=127.0.0.1 name="CA" certificate add name=CA country="RO" state="RO" locality="Bucharest" organization="home" unit="mk" common-name="CA" key-size=4096 days-valid=3650 key-usage=crl-sign,key-cert-sign You can see that the router is busy with the certificate sign from the CPU usage, when the certificate is signed the CPU usage will drop and you will see the “KLAT” in the line description of the CA certificate and “KI” at the server and client certificate, after the certificate signing is done you can proceed with the next certificate. Note that sometimes you will get an “action timed out” error when you will be signing the certificates, that is not a problem, you just have to wait a little bit longer. You will need to run the command bellow one by one, the signing of the certificates will take time and will load the CPU. In this example we will be using a router with the external IP 192.168.88.2, internal IP 192.168.89.1 and the pool for the OVPN clinets will be 192.168.87.0/24. Bellow you can find the steps I used to create a OVPN server using a Mikrotik router. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |