CLOSED: Custom Certs for Multiple Users

rdagijones
Posts: 274
Joined: Thu Jan 26, 2012 7:56 am

CLOSED: Custom Certs for Multiple Users

Postby rdagijones » Fri Feb 12, 2021 3:52 pm

I am creating custom certs for multiple remote clients. This Amahi posting is outdated (https://wiki.amahi.org/index.php/OpenVP ... rtificates) but I don't mind updating it as long as my information is correct.

I am following this guide (Installed easyrsa and starting with "Build the Local CA and generate Server Keys and Certificate file")
Part 1 - https://ravenhawktech.com/index.php/202 ... ra-server/
Part 2 - https://ravenhawktech.com/index.php/202 ... er-part-2/

But noticing some inconsistencies to the original approach in the older Amahi post. I am just wondering if the inconsistencies are 1. due to upgrades in Openvpn and easyrsa and 2. more that one way to approach the need for multiple client certs.

Now the questions:
1. Just to confirm, the OpenVPN configuration file in Amahi is /etc/openvpn/amahi.conf is that correct?
2. In the amahi.conf there are lines for Amahi-Server-OpenVPN.crt and Amahi-Server-OpenVPN.key.
I am assuming that the "server.key" generated by this code in the guide
./easyrsa build-server-full server nopass
needs to be

Code: Select all

./easyrsa build-server-full Amahi-Server-OpenVPN nopass
so that the name of the file fits the language of the amahi.conf file, is that correct?
3. On that same note, how do I generate the Amahi-Server-OpenVPN.crt
4. In an old Amahi forum posting (which I cannot find at present) there was discussion about a line needed in amahi.conf to allow multiple clients. Is that so?
5. If I make changes to amahi.conf, will the amahi.conf be overwritten by updates?

I know, lots of questions, but we only had one remote office worker and then Covid-19 hit. Now everyone wants to use the server from home. The good news is more people in our office are appreciating your fine work now. Thanks for such a great server.

rdagijones
Posts: 274
Joined: Thu Jan 26, 2012 7:56 am

Re: Custom Certs for Multiple Users

Postby rdagijones » Fri Feb 12, 2021 4:23 pm

I think I just found the answer to question #3

I just realized that easyrsa
  • creates the .key files and puts them in the "private" directory under easyrsa and
  • creates the .crt files and places them in the "issued" directory under easyrsa.
I simply had not looked in the "issued" directory.

rdagijones
Posts: 274
Joined: Thu Jan 26, 2012 7:56 am

Re: Custom Certs for Multiple Users

Postby rdagijones » Mon Feb 22, 2021 12:00 pm

Figured it out and updated the wiki.

Check it out https://wiki.amahi.org/index.php/OpenVP ... rtificates

User avatar
bigfoot65
Project Manager
Posts: 11924
Joined: Mon May 25, 2009 4:31 pm

Re: Custom Certs for Multiple Users

Postby bigfoot65 » Mon Feb 22, 2021 3:19 pm

I saw your updates.

Thanks for fixing this tutorial.

Will mark this thread as closed.
ßîgƒσστ65
Applications Manager

My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2

Who is online

Users browsing this forum: No registered users and 6 guests