Question about CA's, and OpenVPN Server



  • Hi All,

    I've recently got an OpenVPN server up and running, going through the wizard, the certificate generation steps for CA and Server don't seem to hold (no new entries), so I had to manually add these in the cert manager; this would be correct right?

    I also had a question regarding CA's generated within PFsense; what requirement if any is there that the information included in the CA be legitimate e.g dummy values in each field.

    Would this only be relevant in a non-self-signed cert?

    Also an unrelated note - is a TAP based server the only way to utilise DLNA streaming remotely?

    Matt


  • Rebel Alliance Developer Netgate

    A CA/Cert made with the Wizard should work and show up in the Cert Manager afterward. You can make them yourself, too, but using the Wizard is also fine.

    There is no specific requirement for the information you put in the CA/Cert so long as you respect the limitations for special characters in the current release. It should be unique but it can be generic. Meaning if you have multiple CA entries or multiple certificates, they should not have identical values for all fields as this can confuse many utilities which locate certificates by subject. The CA/Cert for OpenVPN are self-signed so they don't have to be verified beyond the certificate being made from the correct CA.


Log in to reply