++++ writing new private key to 'keys\.key' - You are about to be asked to enter information that will be incorporated into your certificate request. Server Certificates and Keys C:\Program Files\OpenVPN\easy-rsa>build-key-server.bat Generating a RSA private key. When prompted to sign the certificate, enter “ y”.When prompted, enter the “Common Name” as “ server”.Certificate Authority "OpenVPN-CA": Country Name (2 letter code) : State or Province Name (full name) : Locality Name (eg, city) : Organization Name (eg, company) : Organizational Unit Name (eg, section) : Common Name (eg, your name or your server's hostname) :OpenVPN-CA Email Address ]:ģ.Using the following command, we initiate the server’s certificate and key: build-key-server server These options will also have default values, which appear within brackets. In the next step, execute the following commands: vars clean-allġ.In order to create the Certificate Authority (CA) certificate and key, we need to run the following command: build-caĢ.This will prompt you to enter your country, state, and city. Note4: The PKCS11_ values refer to settings used for Hardware Security Modules and Smart Cards if you use them. Note3: The KEY_OU setting refers to an “Organizational Unit” and can be set to whatever if there isn’t a requirement for it. Note2:The KEY_CN and KEY_NAME settings refer to the common name field and the name of the certificate. Note1:The KEY_CN and KEY_NAME fields will be unique for each build request. set KEY_COUNTRY=US set KEY_PROVINCE=CA set KEY_CITY=SanFrancisco set KEY_ORG=OpenVPN set Click Yes in the User Account Control window.ģ.Navigate to the folder below: cd "C:\Program Files\OpenVPN\easy-rsa"Ĥ.You can now start configuring OpenVPN: init-configĥ.In this step, you need to open the vars.bat file in the text editor: notepad vars.batĦ.Edit the subsequent lines switching “ US”, “ CA,” etc.
Then right-click on Command Prompt and select Run as Administrator.Ģ.Right-click on Command Prompt. Go to the following path: C:\Program Files\OpenVPN\easy-rsaįolder using the administrative command prompt:ġ.Open the Start menu and type cmd.
On a Windows server, we begin by downloading the Windows installer and then running it on our Windows server.
Recommended Article: How to disable SELinux temporarily or permanently Install OpenVPN