Safe way to share certs and keys

Scripts to manage certificates or generate config files
Post Reply
latot
OpenVpn Newbie
Posts: 1
Joined: Tue Mar 21, 2023 1:53 pm

Safe way to share certs and keys

Post by latot » Tue Mar 21, 2023 3:23 pm

Hi!, I'm new in all this of the openVPN.

I was able to finish the first "How To" and run a basic VPN server, with the server and clients keys (but I only made 1).

Well, I want in some time test it with other ppl, but I notice something, the client config file, needs four file.

ca.crt (can be public)
client1.crt (can be public)
client1.key (can't be public)
ta.key (no idea)

How openVPN needs this four files... I'm asking how can I share them in a safe way. Ideally in a easy way too, send all the files in a zip, is not the easiest way for a non technical user.

Thx!

Fadim
OpenVPN User
Posts: 26
Joined: Mon May 15, 2023 12:14 pm

Re: Safe way to share certs and keys

Post by Fadim » Tue May 16, 2023 9:18 am

Hi @latot,

First off, congrats on getting your basic VPN server up and running! Now about your question, it's critical to securely share these files as they're essentially the keys to your VPN kingdom.

You're right that the client1.key needs to be kept secret. The same goes for ta.key, it's a shared secret key for added security and shouldn't be made public either.

For a secure yet user-friendly way to share these files, you might consider using a password-protected ZIP file. You can then send the password via a different communication channel for added security.

Another option could be to use a secure file transfer service, such as those provided by cloud storage providers, which offer end-to-end encryption.

Remember to always share these files securely, and never over unencrypted email.

Good luck with your VPN project!

Post Reply