Hello,
I manage our small Linux based company server which holds some CUI Gov't files so security is paramount. I just changed from 2048 bit to 4096 bit certificates using EasyRSA-3.0.5 and generated a dhp4096.pem file directly into the /etc/openvpn folder with the openssl command instead of generating it first with gen-dh in the EasyRSA-3.0.5 folder and transferring a copy into the /etc/openvpn folder as was the case with the 2048 bit installation. There was no dhp4096.pem file in the EasyRSA-3.0.5 folder when I continued the rest of the configuration. Will this alter anything such as the public key, HMAC or any other aspect? Everything works fine, just curious.
Thank you in advance.
Joe
Generating 4096 pem
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVPN Protagonist
- Posts: 11138
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Generating 4096 pem
Please see:mn918_79Sh wrote: ↑Tue Sep 03, 2019 9:51 pmI manage our small Linux based company server which holds some CUI Gov't files so security is paramount
viewtopic.php?f=30&t=22603