FireBrick IPsec (Road Warrior Howto): Difference between revisions
First make the private ''key'' file for the CA. We'll call it <tt>ca-key.pem</tt>. This file should be kept secret.
 
<syntaxhighlight language=bash>
./make-key ca-key.pem
</syntaxhighlight>
 
Then make a certificate file, and sign it using the ''key'' file. We'll call it <tt>ca-cert.pem</tt>. This involves several attributes in the DN (Distinguished name) which mostly don't matter much for your own certificate (/C=Country, /ST=State, /L=Locality, /O=OrganisationName, /CN=CommonName). Typically you would set just the CommonName, using your home or company name
Retrieved from ‘http://support.aa.net.uk/FireBrick_IPsec_(Road_Warrior_Howto)