Ways to move certificates and ca from one server to another
本帖最後由 角色 於 2022-6-7 15:17 編輯
可以先参考[1]- /certificate
- export-certificate myCa export-passphrase=xxxxxxxx
- export-certificate server export-passphrase=xxxxxxxx
- Then on second router: /certificate
- import file-name=cert_export_myCa.crt passphrase="xxxxxxxx"
- import file-name=cert_export_myCa.key passphrase="xxxxxxxx"
- import file-name=cert_export_server.crt passphrase="xxxxxxxx"
- import file-name=cert_export_server.key passphrase="xxxxxxxx" After setting certificate for OpenVPN server and changing server.example.net to point to new router, client can connect again, without any changes required.
- /ceritifcate
- export-certificate tw.ca export-passphrase=12345678
- export-certificate tw.server export-passphrase=12345678
- export-certificate peter export-passphrase=12345678
The following scripts are used for importing certficates and keys of ca, server, and peter- /certificate
- import file-name=cert_export_tw.ca.crt passphrase="12345678"
- import file-name=cert_export_tw.ca.key passphrase="12345678"
- import file-name=cert_export_tw.server.crt passphrase="12345678"
- import file-name=cert_export_tw.server.key passphrase="12345678"
- import file-name=cert_export_peter.crt passphrase="12345678"
- import file-name=cert_export_peter.key passphrase="12345678"
还有import user’s certificates,可以采用pk12 format(包含user certificate and private key)。
References:
[1] BOUNTY for help offered - hardware upgrade - certificate export/import issue Link
[2] Can't Revoke Certificates after Importing to new hardware - has private key Link |
發表於 2022-6-7 10:52
| 
谢谢角色的经验!