OpenVPN "database" and certificates duplication
Posted: Sun Feb 21, 2016 11:56 am
Hi,
I have one installed and working openvpn server that I want to duplicate keys from, and copy them to another server. I would like to avoid generating sets of certificates specially because I reinstall often the servers from scratch.
I'm wondering if I can just take the ca.crt, dh2048.pem, ca.key and server.conf, backup them somewhere and copy them to the new server or to the new installation.
Is that sufficient ?
What should I do with my "<users>.pem" files ? How can I manage certificate revocation to unauthorize people after that ? Should I take all the key,crt, csr, pem files ?
Is there a kind of openvpn database somewhere ?
and as a general question, are the client certificate need to be maintained on the server for the client to connect the server ? if yes, where ?
Thanks for your replieS.
Franck
I have one installed and working openvpn server that I want to duplicate keys from, and copy them to another server. I would like to avoid generating sets of certificates specially because I reinstall often the servers from scratch.
I'm wondering if I can just take the ca.crt, dh2048.pem, ca.key and server.conf, backup them somewhere and copy them to the new server or to the new installation.
Is that sufficient ?
What should I do with my "<users>.pem" files ? How can I manage certificate revocation to unauthorize people after that ? Should I take all the key,crt, csr, pem files ?
Is there a kind of openvpn database somewhere ?
and as a general question, are the client certificate need to be maintained on the server for the client to connect the server ? if yes, where ?
Thanks for your replieS.
Franck