0

I want to run an OpenVPN-Server on a box but creating dh on it is really slow. I was searching the net, how to import a ca for the OpenVPN-Server on OpenWRT so I can run build-dh on a nother computer and won't have to wait half a day for the certificate to build. Is that possible, is there a tutorial somewhere how to do it?

fdafgfdgfagfdagfdagfdagfdagfda
  • 171
  • 3
  • 14

1 Answers1

1

Take a look at https://github.com/OpenVPN/easy-rsa

This is the openvpn certificate utility easy-rsa, you can install on any computer with openssl and bash support.

It's recommended by security not store the CA (Private key) on router, you can safe create the certs outside the router, in a secure environment, a isolated network computer, etc.

You only need to copy the server certificates on OpenVPN provision, after you can distribute generated clients certs.

Marcos Lois Bermúdez
  • 61
  • 1
  • 4
  • I know. But how do I import the ca on OpenWRT? – fdafgfdgfagfdagfdagfdagfdagfda Dec 03 '15 at 10:23
  • You need download easy-rsa as noted above, and generate CA, server and client cert/key pairs, make the same steps to generate as notes around lots of guides on internet, this is OpenWrt specific one: https://wiki.openwrt.org/inbox/vpn.howto copy the files to OpenWrt router, note that you only need to copy the files once, the clients certs are not stored on the router. – Marcos Lois Bermúdez Jan 24 '16 at 17:12