Skip to content

Instantly share code, notes, and snippets.

@jriguera
Created March 9, 2015 01:00
Show Gist options
  • Save jriguera/258a07afaad140af2fce to your computer and use it in GitHub Desktop.
Save jriguera/258a07afaad140af2fce to your computer and use it in GitHub Desktop.
Create a new openvpn client
#!/bin/bash
# Create client for OpenVPN using easy-rsa
# create p12 certificate
PREFIX=lu
BASE_DIR="/etc/openvpn"
DEST_DIR="$BASE_DIR/clients"
EASY_DIR="$BASE_DIR/easy-rsa"
if [ "$#" -ne 1 ]; then
echo "Illegal number of parameters. Please provide client name"
exit 1
fi
NAME="${PREFIX}_${1}"
echo "Creating $NAME ..."
cd $EASY_DIR
source vars
./build-key "$NAME"
mv keys/$NAME.* $DEST_DIR
# create p12 certificate (for some clients)
cd $DEST_DIR
openssl pkcs12 -export -in $NAME.crt -inkey $NAME.key -certfile ../ca.crt -name $NAME -out $NAME.p12
echo
echo Copy the required certificates to the particular machine/device (server or client)
echo
echo The public ca.crt certificate is needed on all servers and clients
echo The private ca.key key is secret and only needed on the key generating machine
echo A server needs server.crt, dh2048.pem (public), server.key and ta.key (private)
echo A client needs client.crt (public), client.key and ta.key (private)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment