OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

How to sign keys with intermediary CA?

https://forums.openvpn.net/viewtopic.php?t=21562

Page 1 of 1

How to sign keys with intermediary CA?

Posted: Tue Apr 19, 2016 8:48 pm
by shamil
I made my root CA a while ago, and then I made an intermediary CA.

I can then do one of two things which are easy and obvious.
1. ./pkitool --csr client1 (creating unsigned is not a problem)
2. ./pkitool --sign client1 (great for signing with the root CA; what i don't want to do)

What's not obvious.
I haven't found anyway in pkitool to specify which CA i want an unsigned key signed by.
Scouring google has also yielded nothing.
How to do?

Re: How to sign keys with intermediary CA?

Posted: Wed Apr 20, 2016 12:32 am
by shamil
SOLVED

I found the cook book. No one else likes to detail setting up an intermediary ca anywhere on the net...that is next to unbelievable.

Re: How to sign keys with intermediary CA?

Posted: Wed Apr 20, 2016 7:03 am
by Traffic
shamil wrote:I found the cook book
I presume you mean JJK's excellent work ;)

Good place for a quick plug: https://openvpn.net/index.php/open-source/books.html

You are welcome to share your solution here .. 8-)
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/