网上大多数搭建openvpn的教程里,大多是这样说的(见下面的斜体字):
./build-key client2
./build-key client3)
# ./build-dh
但是当我运行./build-key client2,却出现提示:
as3:/etc/openvpn/easy-rsa/2.0# ./build-key client2
Please edit the vars script to reflect your configuration,
then source it with "source ./vars".
Next, to start with a fresh PKI configuration and to delete any
previous certificates and keys, run "./clean-all".
Finally, you can run this tool (pkitool) to build certificates/keys.
as3:/etc/openvpn/easy-rsa/2.0#
这时,你可这样做:
# source ./vars
# ./build-key client2 (这样在/etc/openvpn/easy-rsa/2.0/keys/里面就会生成client2.crt,client2.key)
把/etc/openvpn/easy-rsa/2.0/keys/里面的client2.crt,client2.key用winscp下载到本地电脑,(ca.crt之前和client1.crt,client1.key一起下载过,无需再次下载)然后复制到c:\program files\openvpn\config\里面。(如果里面有同名文件,需把此二文件更名)
然后新建客户机的配置文件client2.ovpn。这样用client2的证书文件和key文件即可连上openvpn server.
生成证书cd /etc/openvpn/easy-rsa/2.0/ # . ./vars (第一个点后有一个空格) # ./clean-all # ./build-ca # ./build-key-server server # ./build-key client1(以此类推建立其他客户端的key
./build-key client2
./build-key client3)
# ./build-dh
但是当我运行./build-key client2,却出现提示:
as3:/etc/openvpn/easy-rsa/2.0# ./build-key client2
Please edit the vars script to reflect your configuration,
then source it with "source ./vars".
Next, to start with a fresh PKI configuration and to delete any
previous certificates and keys, run "./clean-all".
Finally, you can run this tool (pkitool) to build certificates/keys.
as3:/etc/openvpn/easy-rsa/2.0#
这时,你可这样做:
# source ./vars
# ./build-key client2 (这样在/etc/openvpn/easy-rsa/2.0/keys/里面就会生成client2.crt,client2.key)
把/etc/openvpn/easy-rsa/2.0/keys/里面的client2.crt,client2.key用winscp下载到本地电脑,(ca.crt之前和client1.crt,client1.key一起下载过,无需再次下载)然后复制到c:\program files\openvpn\config\里面。(如果里面有同名文件,需把此二文件更名)
然后新建客户机的配置文件client2.ovpn。这样用client2的证书文件和key文件即可连上openvpn server.
