Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick IPsec (Road Warrior Howto): Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
Line 17: Line 17:
First make the private ''key'' file for the CA. We'll call it <tt>ca-key.pem</tt>. This file should be kept secret.
First make the private ''key'' file for the CA. We'll call it <tt>ca-key.pem</tt>. This file should be kept secret.


<syntaxhighlight language=bash>
./make-key ca-key.pem
./make-key ca-key.pem
</syntaxhighlight>


Then make a certificate file, and sign it using the ''key'' file. We'll call it <tt>ca-cert.pem</tt>. This involves several attributes in the DN (Distinguished name) which mostly don't matter much for your own certificate (/C=Country, /ST=State, /L=Locality, /O=OrganisationName, /CN=CommonName). Typically you would set just the CommonName, using your home or company name
Then make a certificate file, and sign it using the ''key'' file. We'll call it <tt>ca-cert.pem</tt>. This involves several attributes in the DN (Distinguished name) which mostly don't matter much for your own certificate (/C=Country, /ST=State, /L=Locality, /O=OrganisationName, /CN=CommonName). Typically you would set just the CommonName, using your home or company name
Retrieved from "http://support.aa.net.uk/FireBrick_IPsec_(Road_Warrior_Howto)"