[Nottingham] Checking cert chains and configuring OpenSSL

Jason Irwin jasonirwin73 at gmail.com
Wed Oct 31 21:02:27 UTC 2018


On 31/10/2018 20:48, Martin via Nottingham wrote:
> Mmmmm... I've always run openVPN using self-signed certificates. No CA
> needed...
See....that's the weird thing. The CA (and the ICA) are both certs I created.
I'm beginning to think there is a disconnect between OpenWRT's OpenSSL and OpenVPN wiki pages.
Or it's a case of PICNIC (Problem In Chair, Not In Computer)
But one thing worries me, their OpenSSL stuff leave the certs and the keys on the router....which can't be right, can it?

> Can (securely) compare configs if useful?
Happy to have a chat (maybe Sunday?).
I do think I am missing something obvious in the OpenSSL bit.

-- 
╔═════════════╦═════════════════════════════════════════════╗
║ Jason Irwin ║ OpenPGP (GPG/PGP) Public Key: 0xD0C592B1    ║
║             ║ Import from hkp://pgp.mit.edu               ║
║             ║ Follow me https://social.irrwitz.com/@jason ║
╚═════════════╩═════════════════════════════════════════════╝



More information about the Nottingham mailing list