Initial commit
This commit is contained in:
3
AK/openvpn/gw-ckubu/ccd/server-gw-ckubu/VPN-AK-gw-ckubu
Normal file
3
AK/openvpn/gw-ckubu/ccd/server-gw-ckubu/VPN-AK-gw-ckubu
Normal file
@ -0,0 +1,3 @@
|
||||
ifconfig-push 10.1.0.2 255.255.255.0
|
||||
iroute 192.168.63.0 255.255.255.0
|
||||
iroute 192.168.64.0 255.255.255.0
|
||||
18
AK/openvpn/gw-ckubu/crl.pem
Normal file
18
AK/openvpn/gw-ckubu/crl.pem
Normal file
@ -0,0 +1,18 @@
|
||||
-----BEGIN X509 CRL-----
|
||||
MIIC5TCBzjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUxDzANBgNVBAgT
|
||||
BkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4xGTAXBgNV
|
||||
BAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEPMA0GA1UEKRMG
|
||||
VlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZRcNMTgwMjA2MTMz
|
||||
MDQ3WhgPMjA1MDAyMDYxMzMwNDdaMA0GCSqGSIb3DQEBCwUAA4ICAQCg8eMriESd
|
||||
fkBH1MRBGj3H7adLmuaI2h3eOMvzFo2wr6jR6JKBwBSzcA/ySEr+bHZkJ0fPgOCJ
|
||||
wmyajWh7gQhtdzJYCxVPca3l7g/sd9i62+mRKCvEj3LSHXIMt3oQYAXzWQsSRxX6
|
||||
/oggV5fthr6t7Eu8a9FwBbzJDf6UGMYpqlLolO1N1CsyEVKQT3WogvlOSn5qjXDq
|
||||
fKMBqKdN4Ni8/1RT7UGRlGHaRx3J84xhn68njNAxWjcAA21KqNXH3JLMC0G62HSb
|
||||
4jWNH9yKpSw8GQ0O3qpXeZwLblCyWVmMSlh/o2QgOqBskEjR0qPD7mqfBXVj4YJl
|
||||
pGoiEsSgmeMHeqs24VuIU051+yAmJeI9E9F85C2ExUqkCR6NdfE0SI5SfgC7KN65
|
||||
RlCC/mIFB5vLXJRRriEjEIhP7iaj43GlL+f86ZIUhKEn3zjFDvj0cba1D5CFMq2v
|
||||
jhkbd6cGVUcS0ebqdca2FdVMUumXC+AmXQswfbBVAR4lYNDkenacxm2F7Uljlmdp
|
||||
FQmAfLUBOXkSnU7Yy9Sz+9CANc+xQn854+WTATkjx8B2UckEsYB1ZI7qwWODs8M0
|
||||
5gupokTLmOta7sDk1ghS/iL+1rx8dadrLaniQczgtN5Izicu6zXdfqv/w0a8lbGr
|
||||
JhhqczL4Gu3WW4FTmkwAmq7wArJil1zLaA==
|
||||
-----END X509 CRL-----
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-ca
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-ca
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-ca
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-dh
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-dh
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-dh
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-inter
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-inter
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-inter
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-key
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-key
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-key
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-pass
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-pass
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-key-pass
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-pkcs12
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-pkcs12
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-key-pkcs12
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-server
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-key-server
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-key-server
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-req
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-req
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-req
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/build-req-pass
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/build-req-pass
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/build-req-pass
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/clean-all
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/clean-all
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/clean-all
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/inherit-inter
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/inherit-inter
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/inherit-inter
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/list-crl
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/list-crl
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/list-crl
|
||||
268
AK/openvpn/gw-ckubu/easy-rsa/openssl-0.9.6.cnf
Normal file
268
AK/openvpn/gw-ckubu/easy-rsa/openssl-0.9.6.cnf
Normal file
@ -0,0 +1,268 @@
|
||||
# For use with easy-rsa version 2.0
|
||||
|
||||
#
|
||||
# OpenSSL example configuration file.
|
||||
# This is mostly being used for generation of certificate requests.
|
||||
#
|
||||
|
||||
# This definition stops the following lines choking if HOME isn't
|
||||
# defined.
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
|
||||
# Extra OBJECT IDENTIFIER info:
|
||||
#oid_file = $ENV::HOME/.oid
|
||||
oid_section = new_oids
|
||||
|
||||
# To use this configuration file with the "-extfile" option of the
|
||||
# "openssl x509" utility, name here the section containing the
|
||||
# X.509v3 extensions to use:
|
||||
# extensions =
|
||||
# (Alternatively, use a configuration file that has only
|
||||
# X.509v3 extensions in its main [= default] section.)
|
||||
|
||||
[ new_oids ]
|
||||
|
||||
# We can add new OIDs in here for use by 'ca' and 'req'.
|
||||
# Add a simple OID like this:
|
||||
# testoid1=1.2.3.4
|
||||
# Or use config file substitution like this:
|
||||
# testoid2=${testoid1}.5.6
|
||||
|
||||
####################################################################
|
||||
[ ca ]
|
||||
default_ca = CA_default # The default ca section
|
||||
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = $ENV::KEY_DIR # Where everything is kept
|
||||
certs = $dir # Where the issued certs are kept
|
||||
crl_dir = $dir # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
new_certs_dir = $dir # default place for new certs.
|
||||
|
||||
certificate = $dir/ca.crt # The CA certificate
|
||||
serial = $dir/serial # The current serial number
|
||||
crl = $dir/crl.pem # The current CRL
|
||||
private_key = $dir/ca.key # The private key
|
||||
RANDFILE = $dir/.rand # private random number file
|
||||
|
||||
x509_extensions = usr_cert # The extentions to add to the cert
|
||||
|
||||
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||
# so this is commented out by default to leave a V1 CRL.
|
||||
# crl_extensions = crl_ext
|
||||
|
||||
default_days = 3650 # how long to certify for
|
||||
default_crl_days= 30 # how long before next CRL
|
||||
default_md = sha256 # which md to use.
|
||||
preserve = no # keep passed DN ordering
|
||||
|
||||
# A few difference way of specifying how similar the request should look
|
||||
# For type CA, the listed attributes must be the same, and the optional
|
||||
# and supplied fields are just that :-)
|
||||
policy = policy_anything
|
||||
|
||||
# For the CA policy
|
||||
[ policy_match ]
|
||||
countryName = match
|
||||
stateOrProvinceName = match
|
||||
organizationName = match
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
emailAddress = optional
|
||||
|
||||
# For the 'anything' policy
|
||||
# At this point in time, you must list all acceptable 'object'
|
||||
# types.
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = $ENV::KEY_SIZE
|
||||
default_keyfile = privkey.pem
|
||||
default_md = sha256
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
x509_extensions = v3_ca # The extentions to add to the self signed cert
|
||||
|
||||
# Passwords for private keys if not present they will be prompted for
|
||||
# input_password = secret
|
||||
# output_password = secret
|
||||
|
||||
# This sets a mask for permitted string types. There are several options.
|
||||
# default: PrintableString, T61String, BMPString.
|
||||
# pkix : PrintableString, BMPString.
|
||||
# utf8only: only UTF8Strings.
|
||||
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
||||
# MASK:XXXX a literal mask value.
|
||||
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
|
||||
# so use this option with caution!
|
||||
string_mask = nombstr
|
||||
|
||||
# req_extensions = v3_req # The extensions to add to a certificate request
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = $ENV::KEY_COUNTRY
|
||||
countryName_min = 2
|
||||
countryName_max = 2
|
||||
|
||||
stateOrProvinceName = State or Province Name (full name)
|
||||
stateOrProvinceName_default = $ENV::KEY_PROVINCE
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = $ENV::KEY_CITY
|
||||
|
||||
0.organizationName = Organization Name (eg, company)
|
||||
0.organizationName_default = $ENV::KEY_ORG
|
||||
|
||||
# we can do this but it is not needed normally :-)
|
||||
#1.organizationName = Second Organization Name (eg, company)
|
||||
#1.organizationName_default = World Wide Web Pty Ltd
|
||||
|
||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||
#organizationalUnitName_default =
|
||||
|
||||
commonName = Common Name (eg, your name or your server\'s hostname)
|
||||
commonName_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_default = $ENV::KEY_EMAIL
|
||||
emailAddress_max = 40
|
||||
|
||||
# JY -- added for batch mode
|
||||
organizationalUnitName_default = $ENV::KEY_OU
|
||||
commonName_default = $ENV::KEY_CN
|
||||
|
||||
# SET-ex3 = SET extension number 3
|
||||
|
||||
[ req_attributes ]
|
||||
challengePassword = A challenge password
|
||||
challengePassword_min = 4
|
||||
challengePassword_max = 20
|
||||
|
||||
unstructuredName = An optional company name
|
||||
|
||||
[ usr_cert ]
|
||||
|
||||
# These extensions are added when 'ca' signs a request.
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "Easy-RSA Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=clientAuth
|
||||
keyUsage = digitalSignature
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
[ server ]
|
||||
|
||||
# JY ADDED -- Make a cert with nsCertType set to "server"
|
||||
basicConstraints=CA:FALSE
|
||||
nsCertType = server
|
||||
nsComment = "Easy-RSA Generated Server Certificate"
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=serverAuth
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
[ v3_req ]
|
||||
|
||||
# Extensions to add to a certificate request
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
[ v3_ca ]
|
||||
|
||||
|
||||
# Extensions for a typical CA
|
||||
|
||||
|
||||
# PKIX recommendation.
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
# This is what PKIX recommends but some broken software chokes on critical
|
||||
# extensions.
|
||||
#basicConstraints = critical,CA:true
|
||||
# So we do this instead.
|
||||
basicConstraints = CA:true
|
||||
|
||||
# Key usage: this is typical for a CA certificate. However since it will
|
||||
# prevent it being used as an test self-signed certificate it is best
|
||||
# left out by default.
|
||||
# keyUsage = cRLSign, keyCertSign
|
||||
|
||||
# Some might want this also
|
||||
# nsCertType = sslCA, emailCA
|
||||
|
||||
# Include email address in subject alt name: another PKIX recommendation
|
||||
# subjectAltName=email:copy
|
||||
# Copy issuer details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
# DER hex encoding of an extension: beware experts only!
|
||||
# obj=DER:02:03
|
||||
# Where 'obj' is a standard or added object
|
||||
# You can even override a supported extension:
|
||||
# basicConstraints= critical, DER:30:03:01:01:FF
|
||||
|
||||
[ crl_ext ]
|
||||
|
||||
# CRL extensions.
|
||||
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
293
AK/openvpn/gw-ckubu/easy-rsa/openssl-0.9.8.cnf
Normal file
293
AK/openvpn/gw-ckubu/easy-rsa/openssl-0.9.8.cnf
Normal file
@ -0,0 +1,293 @@
|
||||
# For use with easy-rsa version 2.0
|
||||
|
||||
#
|
||||
# OpenSSL example configuration file.
|
||||
# This is mostly being used for generation of certificate requests.
|
||||
#
|
||||
|
||||
# This definition stops the following lines choking if HOME isn't
|
||||
# defined.
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
openssl_conf = openssl_init
|
||||
|
||||
[ openssl_init ]
|
||||
# Extra OBJECT IDENTIFIER info:
|
||||
#oid_file = $ENV::HOME/.oid
|
||||
oid_section = new_oids
|
||||
engines = engine_section
|
||||
|
||||
# To use this configuration file with the "-extfile" option of the
|
||||
# "openssl x509" utility, name here the section containing the
|
||||
# X.509v3 extensions to use:
|
||||
# extensions =
|
||||
# (Alternatively, use a configuration file that has only
|
||||
# X.509v3 extensions in its main [= default] section.)
|
||||
|
||||
[ new_oids ]
|
||||
|
||||
# We can add new OIDs in here for use by 'ca' and 'req'.
|
||||
# Add a simple OID like this:
|
||||
# testoid1=1.2.3.4
|
||||
# Or use config file substitution like this:
|
||||
# testoid2=${testoid1}.5.6
|
||||
|
||||
####################################################################
|
||||
[ ca ]
|
||||
default_ca = CA_default # The default ca section
|
||||
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = $ENV::KEY_DIR # Where everything is kept
|
||||
certs = $dir # Where the issued certs are kept
|
||||
crl_dir = $dir # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
new_certs_dir = $dir # default place for new certs.
|
||||
|
||||
certificate = $dir/ca.crt # The CA certificate
|
||||
serial = $dir/serial # The current serial number
|
||||
crl = $dir/crl.pem # The current CRL
|
||||
private_key = $dir/ca.key # The private key
|
||||
RANDFILE = $dir/.rand # private random number file
|
||||
|
||||
x509_extensions = usr_cert # The extentions to add to the cert
|
||||
|
||||
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||
# so this is commented out by default to leave a V1 CRL.
|
||||
# crl_extensions = crl_ext
|
||||
|
||||
default_days = 3650 # how long to certify for
|
||||
default_crl_days= 30 # how long before next CRL
|
||||
default_md = sha256 # which md to use.
|
||||
preserve = no # keep passed DN ordering
|
||||
|
||||
# A few difference way of specifying how similar the request should look
|
||||
# For type CA, the listed attributes must be the same, and the optional
|
||||
# and supplied fields are just that :-)
|
||||
policy = policy_anything
|
||||
|
||||
# For the CA policy
|
||||
[ policy_match ]
|
||||
countryName = match
|
||||
stateOrProvinceName = match
|
||||
organizationName = match
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
# For the 'anything' policy
|
||||
# At this point in time, you must list all acceptable 'object'
|
||||
# types.
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = $ENV::KEY_SIZE
|
||||
default_keyfile = privkey.pem
|
||||
default_md = sha256
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
x509_extensions = v3_ca # The extentions to add to the self signed cert
|
||||
|
||||
# Passwords for private keys if not present they will be prompted for
|
||||
# input_password = secret
|
||||
# output_password = secret
|
||||
|
||||
# This sets a mask for permitted string types. There are several options.
|
||||
# default: PrintableString, T61String, BMPString.
|
||||
# pkix : PrintableString, BMPString.
|
||||
# utf8only: only UTF8Strings.
|
||||
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
||||
# MASK:XXXX a literal mask value.
|
||||
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
|
||||
# so use this option with caution!
|
||||
string_mask = nombstr
|
||||
|
||||
# req_extensions = v3_req # The extensions to add to a certificate request
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = $ENV::KEY_COUNTRY
|
||||
countryName_min = 2
|
||||
countryName_max = 2
|
||||
|
||||
stateOrProvinceName = State or Province Name (full name)
|
||||
stateOrProvinceName_default = $ENV::KEY_PROVINCE
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = $ENV::KEY_CITY
|
||||
|
||||
0.organizationName = Organization Name (eg, company)
|
||||
0.organizationName_default = $ENV::KEY_ORG
|
||||
|
||||
# we can do this but it is not needed normally :-)
|
||||
#1.organizationName = Second Organization Name (eg, company)
|
||||
#1.organizationName_default = World Wide Web Pty Ltd
|
||||
|
||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||
#organizationalUnitName_default =
|
||||
|
||||
commonName = Common Name (eg, your name or your server\'s hostname)
|
||||
commonName_max = 64
|
||||
|
||||
name = Name
|
||||
name_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_default = $ENV::KEY_EMAIL
|
||||
emailAddress_max = 40
|
||||
|
||||
# JY -- added for batch mode
|
||||
organizationalUnitName_default = $ENV::KEY_OU
|
||||
commonName_default = $ENV::KEY_CN
|
||||
name_default = $ENV::KEY_NAME
|
||||
|
||||
# SET-ex3 = SET extension number 3
|
||||
|
||||
[ req_attributes ]
|
||||
challengePassword = A challenge password
|
||||
challengePassword_min = 4
|
||||
challengePassword_max = 20
|
||||
|
||||
unstructuredName = An optional company name
|
||||
|
||||
[ usr_cert ]
|
||||
|
||||
# These extensions are added when 'ca' signs a request.
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "Easy-RSA Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=clientAuth
|
||||
keyUsage = digitalSignature
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
[ server ]
|
||||
|
||||
# JY ADDED -- Make a cert with nsCertType set to "server"
|
||||
basicConstraints=CA:FALSE
|
||||
nsCertType = server
|
||||
nsComment = "Easy-RSA Generated Server Certificate"
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=serverAuth
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
[ v3_req ]
|
||||
|
||||
# Extensions to add to a certificate request
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
[ v3_ca ]
|
||||
|
||||
|
||||
# Extensions for a typical CA
|
||||
|
||||
|
||||
# PKIX recommendation.
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
# This is what PKIX recommends but some broken software chokes on critical
|
||||
# extensions.
|
||||
#basicConstraints = critical,CA:true
|
||||
# So we do this instead.
|
||||
basicConstraints = CA:true
|
||||
|
||||
# Key usage: this is typical for a CA certificate. However since it will
|
||||
# prevent it being used as an test self-signed certificate it is best
|
||||
# left out by default.
|
||||
# keyUsage = cRLSign, keyCertSign
|
||||
|
||||
# Some might want this also
|
||||
# nsCertType = sslCA, emailCA
|
||||
|
||||
# Include email address in subject alt name: another PKIX recommendation
|
||||
# subjectAltName=email:copy
|
||||
# Copy issuer details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
# DER hex encoding of an extension: beware experts only!
|
||||
# obj=DER:02:03
|
||||
# Where 'obj' is a standard or added object
|
||||
# You can even override a supported extension:
|
||||
# basicConstraints= critical, DER:30:03:01:01:FF
|
||||
|
||||
[ crl_ext ]
|
||||
|
||||
# CRL extensions.
|
||||
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ engine_section ]
|
||||
#
|
||||
# If you are using PKCS#11
|
||||
# Install engine_pkcs11 of opensc (www.opensc.org)
|
||||
# And uncomment the following
|
||||
# verify that dynamic_path points to the correct location
|
||||
#
|
||||
#pkcs11 = pkcs11_section
|
||||
|
||||
[ pkcs11_section ]
|
||||
engine_id = pkcs11
|
||||
dynamic_path = /usr/lib/engines/engine_pkcs11.so
|
||||
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
|
||||
PIN = $ENV::PKCS11_PIN
|
||||
init = 0
|
||||
290
AK/openvpn/gw-ckubu/easy-rsa/openssl-1.0.0.cnf
Normal file
290
AK/openvpn/gw-ckubu/easy-rsa/openssl-1.0.0.cnf
Normal file
@ -0,0 +1,290 @@
|
||||
# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
|
||||
|
||||
# This definition stops the following lines choking if HOME isn't
|
||||
# defined.
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
openssl_conf = openssl_init
|
||||
|
||||
[ openssl_init ]
|
||||
# Extra OBJECT IDENTIFIER info:
|
||||
#oid_file = $ENV::HOME/.oid
|
||||
oid_section = new_oids
|
||||
engines = engine_section
|
||||
|
||||
# To use this configuration file with the "-extfile" option of the
|
||||
# "openssl x509" utility, name here the section containing the
|
||||
# X.509v3 extensions to use:
|
||||
# extensions =
|
||||
# (Alternatively, use a configuration file that has only
|
||||
# X.509v3 extensions in its main [= default] section.)
|
||||
|
||||
[ new_oids ]
|
||||
|
||||
# We can add new OIDs in here for use by 'ca' and 'req'.
|
||||
# Add a simple OID like this:
|
||||
# testoid1=1.2.3.4
|
||||
# Or use config file substitution like this:
|
||||
# testoid2=${testoid1}.5.6
|
||||
|
||||
####################################################################
|
||||
[ ca ]
|
||||
default_ca = CA_default # The default ca section
|
||||
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = $ENV::KEY_DIR # Where everything is kept
|
||||
certs = $dir # Where the issued certs are kept
|
||||
crl_dir = $dir # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
new_certs_dir = $dir # default place for new certs.
|
||||
|
||||
certificate = $dir/ca.crt # The CA certificate
|
||||
serial = $dir/serial # The current serial number
|
||||
crl = $dir/crl.pem # The current CRL
|
||||
private_key = $dir/ca.key # The private key
|
||||
RANDFILE = $dir/.rand # private random number file
|
||||
|
||||
x509_extensions = usr_cert # The extentions to add to the cert
|
||||
|
||||
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||
# so this is commented out by default to leave a V1 CRL.
|
||||
# crl_extensions = crl_ext
|
||||
|
||||
#default_days = 3650 # how long to certify for
|
||||
default_days = 11688
|
||||
#default_crl_days= 30 # how long before next CRL
|
||||
default_crl_days = 11688
|
||||
default_md = sha256 # use public key default MD
|
||||
preserve = no # keep passed DN ordering
|
||||
|
||||
# A few difference way of specifying how similar the request should look
|
||||
# For type CA, the listed attributes must be the same, and the optional
|
||||
# and supplied fields are just that :-)
|
||||
policy = policy_anything
|
||||
|
||||
# For the CA policy
|
||||
[ policy_match ]
|
||||
countryName = match
|
||||
stateOrProvinceName = match
|
||||
organizationName = match
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
# For the 'anything' policy
|
||||
# At this point in time, you must list all acceptable 'object'
|
||||
# types.
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = $ENV::KEY_SIZE
|
||||
default_keyfile = privkey.pem
|
||||
default_md = sha256
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
x509_extensions = v3_ca # The extentions to add to the self signed cert
|
||||
|
||||
# Passwords for private keys if not present they will be prompted for
|
||||
# input_password = secret
|
||||
# output_password = secret
|
||||
|
||||
# This sets a mask for permitted string types. There are several options.
|
||||
# default: PrintableString, T61String, BMPString.
|
||||
# pkix : PrintableString, BMPString (PKIX recommendation after 2004).
|
||||
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
|
||||
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
||||
# MASK:XXXX a literal mask value.
|
||||
string_mask = nombstr
|
||||
|
||||
# req_extensions = v3_req # The extensions to add to a certificate request
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = $ENV::KEY_COUNTRY
|
||||
countryName_min = 2
|
||||
countryName_max = 2
|
||||
|
||||
stateOrProvinceName = State or Province Name (full name)
|
||||
stateOrProvinceName_default = $ENV::KEY_PROVINCE
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = $ENV::KEY_CITY
|
||||
|
||||
0.organizationName = Organization Name (eg, company)
|
||||
0.organizationName_default = $ENV::KEY_ORG
|
||||
|
||||
# we can do this but it is not needed normally :-)
|
||||
#1.organizationName = Second Organization Name (eg, company)
|
||||
#1.organizationName_default = World Wide Web Pty Ltd
|
||||
|
||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||
#organizationalUnitName_default =
|
||||
|
||||
commonName = Common Name (eg, your name or your server\'s hostname)
|
||||
commonName_max = 64
|
||||
|
||||
name = Name
|
||||
name_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_default = $ENV::KEY_EMAIL
|
||||
emailAddress_max = 40
|
||||
|
||||
# JY -- added for batch mode
|
||||
organizationalUnitName_default = $ENV::KEY_OU
|
||||
commonName_default = $ENV::KEY_CN
|
||||
name_default = $ENV::KEY_NAME
|
||||
|
||||
|
||||
# SET-ex3 = SET extension number 3
|
||||
|
||||
[ req_attributes ]
|
||||
challengePassword = A challenge password
|
||||
challengePassword_min = 4
|
||||
challengePassword_max = 20
|
||||
|
||||
unstructuredName = An optional company name
|
||||
|
||||
[ usr_cert ]
|
||||
|
||||
# These extensions are added when 'ca' signs a request.
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "Easy-RSA Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=clientAuth
|
||||
keyUsage = digitalSignature
|
||||
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
[ server ]
|
||||
|
||||
# JY ADDED -- Make a cert with nsCertType set to "server"
|
||||
basicConstraints=CA:FALSE
|
||||
nsCertType = server
|
||||
nsComment = "Easy-RSA Generated Server Certificate"
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=serverAuth
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
[ v3_req ]
|
||||
|
||||
# Extensions to add to a certificate request
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
[ v3_ca ]
|
||||
|
||||
|
||||
# Extensions for a typical CA
|
||||
|
||||
|
||||
# PKIX recommendation.
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
# This is what PKIX recommends but some broken software chokes on critical
|
||||
# extensions.
|
||||
#basicConstraints = critical,CA:true
|
||||
# So we do this instead.
|
||||
basicConstraints = CA:true
|
||||
|
||||
# Key usage: this is typical for a CA certificate. However since it will
|
||||
# prevent it being used as an test self-signed certificate it is best
|
||||
# left out by default.
|
||||
# keyUsage = cRLSign, keyCertSign
|
||||
|
||||
# Some might want this also
|
||||
# nsCertType = sslCA, emailCA
|
||||
|
||||
# Include email address in subject alt name: another PKIX recommendation
|
||||
# subjectAltName=email:copy
|
||||
# Copy issuer details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
# DER hex encoding of an extension: beware experts only!
|
||||
# obj=DER:02:03
|
||||
# Where 'obj' is a standard or added object
|
||||
# You can even override a supported extension:
|
||||
# basicConstraints= critical, DER:30:03:01:01:FF
|
||||
|
||||
[ crl_ext ]
|
||||
|
||||
# CRL extensions.
|
||||
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ engine_section ]
|
||||
#
|
||||
# If you are using PKCS#11
|
||||
# Install engine_pkcs11 of opensc (www.opensc.org)
|
||||
# And uncomment the following
|
||||
# verify that dynamic_path points to the correct location
|
||||
#
|
||||
#pkcs11 = pkcs11_section
|
||||
|
||||
[ pkcs11_section ]
|
||||
engine_id = pkcs11
|
||||
dynamic_path = /usr/lib/engines/engine_pkcs11.so
|
||||
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
|
||||
PIN = $ENV::PKCS11_PIN
|
||||
init = 0
|
||||
288
AK/openvpn/gw-ckubu/easy-rsa/openssl-1.0.0.cnf.ORIG
Normal file
288
AK/openvpn/gw-ckubu/easy-rsa/openssl-1.0.0.cnf.ORIG
Normal file
@ -0,0 +1,288 @@
|
||||
# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
|
||||
|
||||
# This definition stops the following lines choking if HOME isn't
|
||||
# defined.
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
openssl_conf = openssl_init
|
||||
|
||||
[ openssl_init ]
|
||||
# Extra OBJECT IDENTIFIER info:
|
||||
#oid_file = $ENV::HOME/.oid
|
||||
oid_section = new_oids
|
||||
engines = engine_section
|
||||
|
||||
# To use this configuration file with the "-extfile" option of the
|
||||
# "openssl x509" utility, name here the section containing the
|
||||
# X.509v3 extensions to use:
|
||||
# extensions =
|
||||
# (Alternatively, use a configuration file that has only
|
||||
# X.509v3 extensions in its main [= default] section.)
|
||||
|
||||
[ new_oids ]
|
||||
|
||||
# We can add new OIDs in here for use by 'ca' and 'req'.
|
||||
# Add a simple OID like this:
|
||||
# testoid1=1.2.3.4
|
||||
# Or use config file substitution like this:
|
||||
# testoid2=${testoid1}.5.6
|
||||
|
||||
####################################################################
|
||||
[ ca ]
|
||||
default_ca = CA_default # The default ca section
|
||||
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = $ENV::KEY_DIR # Where everything is kept
|
||||
certs = $dir # Where the issued certs are kept
|
||||
crl_dir = $dir # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
new_certs_dir = $dir # default place for new certs.
|
||||
|
||||
certificate = $dir/ca.crt # The CA certificate
|
||||
serial = $dir/serial # The current serial number
|
||||
crl = $dir/crl.pem # The current CRL
|
||||
private_key = $dir/ca.key # The private key
|
||||
RANDFILE = $dir/.rand # private random number file
|
||||
|
||||
x509_extensions = usr_cert # The extentions to add to the cert
|
||||
|
||||
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
||||
# so this is commented out by default to leave a V1 CRL.
|
||||
# crl_extensions = crl_ext
|
||||
|
||||
default_days = 3650 # how long to certify for
|
||||
default_crl_days= 30 # how long before next CRL
|
||||
default_md = sha256 # use public key default MD
|
||||
preserve = no # keep passed DN ordering
|
||||
|
||||
# A few difference way of specifying how similar the request should look
|
||||
# For type CA, the listed attributes must be the same, and the optional
|
||||
# and supplied fields are just that :-)
|
||||
policy = policy_anything
|
||||
|
||||
# For the CA policy
|
||||
[ policy_match ]
|
||||
countryName = match
|
||||
stateOrProvinceName = match
|
||||
organizationName = match
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
# For the 'anything' policy
|
||||
# At this point in time, you must list all acceptable 'object'
|
||||
# types.
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
name = optional
|
||||
emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = $ENV::KEY_SIZE
|
||||
default_keyfile = privkey.pem
|
||||
default_md = sha256
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
x509_extensions = v3_ca # The extentions to add to the self signed cert
|
||||
|
||||
# Passwords for private keys if not present they will be prompted for
|
||||
# input_password = secret
|
||||
# output_password = secret
|
||||
|
||||
# This sets a mask for permitted string types. There are several options.
|
||||
# default: PrintableString, T61String, BMPString.
|
||||
# pkix : PrintableString, BMPString (PKIX recommendation after 2004).
|
||||
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
|
||||
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
||||
# MASK:XXXX a literal mask value.
|
||||
string_mask = nombstr
|
||||
|
||||
# req_extensions = v3_req # The extensions to add to a certificate request
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = $ENV::KEY_COUNTRY
|
||||
countryName_min = 2
|
||||
countryName_max = 2
|
||||
|
||||
stateOrProvinceName = State or Province Name (full name)
|
||||
stateOrProvinceName_default = $ENV::KEY_PROVINCE
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = $ENV::KEY_CITY
|
||||
|
||||
0.organizationName = Organization Name (eg, company)
|
||||
0.organizationName_default = $ENV::KEY_ORG
|
||||
|
||||
# we can do this but it is not needed normally :-)
|
||||
#1.organizationName = Second Organization Name (eg, company)
|
||||
#1.organizationName_default = World Wide Web Pty Ltd
|
||||
|
||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||
#organizationalUnitName_default =
|
||||
|
||||
commonName = Common Name (eg, your name or your server\'s hostname)
|
||||
commonName_max = 64
|
||||
|
||||
name = Name
|
||||
name_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_default = $ENV::KEY_EMAIL
|
||||
emailAddress_max = 40
|
||||
|
||||
# JY -- added for batch mode
|
||||
organizationalUnitName_default = $ENV::KEY_OU
|
||||
commonName_default = $ENV::KEY_CN
|
||||
name_default = $ENV::KEY_NAME
|
||||
|
||||
|
||||
# SET-ex3 = SET extension number 3
|
||||
|
||||
[ req_attributes ]
|
||||
challengePassword = A challenge password
|
||||
challengePassword_min = 4
|
||||
challengePassword_max = 20
|
||||
|
||||
unstructuredName = An optional company name
|
||||
|
||||
[ usr_cert ]
|
||||
|
||||
# These extensions are added when 'ca' signs a request.
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "Easy-RSA Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=clientAuth
|
||||
keyUsage = digitalSignature
|
||||
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
[ server ]
|
||||
|
||||
# JY ADDED -- Make a cert with nsCertType set to "server"
|
||||
basicConstraints=CA:FALSE
|
||||
nsCertType = server
|
||||
nsComment = "Easy-RSA Generated Server Certificate"
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
extendedKeyUsage=serverAuth
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName=$ENV::KEY_ALTNAMES
|
||||
|
||||
[ v3_req ]
|
||||
|
||||
# Extensions to add to a certificate request
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
[ v3_ca ]
|
||||
|
||||
|
||||
# Extensions for a typical CA
|
||||
|
||||
|
||||
# PKIX recommendation.
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
# This is what PKIX recommends but some broken software chokes on critical
|
||||
# extensions.
|
||||
#basicConstraints = critical,CA:true
|
||||
# So we do this instead.
|
||||
basicConstraints = CA:true
|
||||
|
||||
# Key usage: this is typical for a CA certificate. However since it will
|
||||
# prevent it being used as an test self-signed certificate it is best
|
||||
# left out by default.
|
||||
# keyUsage = cRLSign, keyCertSign
|
||||
|
||||
# Some might want this also
|
||||
# nsCertType = sslCA, emailCA
|
||||
|
||||
# Include email address in subject alt name: another PKIX recommendation
|
||||
# subjectAltName=email:copy
|
||||
# Copy issuer details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
# DER hex encoding of an extension: beware experts only!
|
||||
# obj=DER:02:03
|
||||
# Where 'obj' is a standard or added object
|
||||
# You can even override a supported extension:
|
||||
# basicConstraints= critical, DER:30:03:01:01:FF
|
||||
|
||||
[ crl_ext ]
|
||||
|
||||
# CRL extensions.
|
||||
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ engine_section ]
|
||||
#
|
||||
# If you are using PKCS#11
|
||||
# Install engine_pkcs11 of opensc (www.opensc.org)
|
||||
# And uncomment the following
|
||||
# verify that dynamic_path points to the correct location
|
||||
#
|
||||
#pkcs11 = pkcs11_section
|
||||
|
||||
[ pkcs11_section ]
|
||||
engine_id = pkcs11
|
||||
dynamic_path = /usr/lib/engines/engine_pkcs11.so
|
||||
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
|
||||
PIN = $ENV::PKCS11_PIN
|
||||
init = 0
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/openssl.cnf
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/openssl.cnf
Symbolic link
@ -0,0 +1 @@
|
||||
/etc/openvpn/gw-ckubu/easy-rsa/openssl-1.0.0.cnf
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/pkitool
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/pkitool
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/pkitool
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/revoke-full
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/revoke-full
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/revoke-full
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/sign-req
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/sign-req
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/sign-req
|
||||
96
AK/openvpn/gw-ckubu/easy-rsa/vars
Normal file
96
AK/openvpn/gw-ckubu/easy-rsa/vars
Normal file
@ -0,0 +1,96 @@
|
||||
# easy-rsa parameter settings
|
||||
|
||||
# NOTE: If you installed from an RPM,
|
||||
# don't edit this file in place in
|
||||
# /usr/share/openvpn/easy-rsa --
|
||||
# instead, you should copy the whole
|
||||
# easy-rsa directory to another location
|
||||
# (such as /etc/openvpn) so that your
|
||||
# edits will not be wiped out by a future
|
||||
# OpenVPN package upgrade.
|
||||
|
||||
# This variable should point to
|
||||
# the top level of the easy-rsa
|
||||
# tree.
|
||||
##export EASY_RSA="`pwd`"
|
||||
export BASE_DIR="/etc/openvpn/gw-ckubu"
|
||||
export EASY_RSA="$BASE_DIR/easy-rsa"
|
||||
|
||||
#
|
||||
# This variable should point to
|
||||
# the requested executables
|
||||
#
|
||||
export OPENSSL="openssl"
|
||||
export PKCS11TOOL="pkcs11-tool"
|
||||
export GREP="grep"
|
||||
|
||||
|
||||
# This variable should point to
|
||||
# the openssl.cnf file included
|
||||
# with easy-rsa.
|
||||
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
|
||||
|
||||
# Edit this variable to point to
|
||||
# your soon-to-be-created key
|
||||
# directory.
|
||||
#
|
||||
# WARNING: clean-all will do
|
||||
# a rm -rf on this directory
|
||||
# so make sure you define
|
||||
# it correctly!
|
||||
##export KEY_DIR="$EASY_RSA/keys"
|
||||
export KEY_DIR="$BASE_DIR/keys"
|
||||
|
||||
# Issue rm -rf warning
|
||||
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
|
||||
|
||||
# PKCS11 fixes
|
||||
export PKCS11_MODULE_PATH="dummy"
|
||||
export PKCS11_PIN="dummy"
|
||||
|
||||
# Increase this to 2048 if you
|
||||
# are paranoid. This will slow
|
||||
# down TLS negotiation performance
|
||||
# as well as the one-time DH parms
|
||||
# generation process.
|
||||
##export KEY_SIZE=2048
|
||||
export KEY_SIZE=4096
|
||||
|
||||
# In how many days should the root CA key expire?
|
||||
##export CA_EXPIRE=3650
|
||||
export CA_EXPIRE=11688
|
||||
|
||||
# In how many days should certificates expire?
|
||||
##export KEY_EXPIRE=3650
|
||||
export KEY_EXPIRE=7305
|
||||
|
||||
# These are the default values for fields
|
||||
# which will be placed in the certificate.
|
||||
# Don't leave any of these fields blank.
|
||||
##export KEY_COUNTRY="US"
|
||||
export KEY_COUNTRY="DE"
|
||||
##export KEY_PROVINCE="CA"
|
||||
export KEY_PROVINCE="Berlin"
|
||||
##export KEY_CITY="SanFrancisco"
|
||||
export KEY_CITY="Berlin"
|
||||
##export KEY_ORG="Fort-Funston"
|
||||
export KEY_ORG="o.open"
|
||||
##export KEY_EMAIL="me@myhost.mydomain"
|
||||
export KEY_EMAIL="argus@oopen.de"
|
||||
##export KEY_OU="MyOrganizationalUnit"
|
||||
export KEY_OU="Network Services"
|
||||
|
||||
# X509 Subject Field
|
||||
##export KEY_NAME="EasyRSA"
|
||||
export KEY_NAME="VPN AK"
|
||||
|
||||
# PKCS11 Smart Card
|
||||
# export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
|
||||
# export PKCS11_PIN=1234
|
||||
|
||||
# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
|
||||
# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
|
||||
## export KEY_CN="CommonName"
|
||||
export KEY_CN="VPN-AK"
|
||||
|
||||
export KEY_ALTNAMES="VPN AK"
|
||||
80
AK/openvpn/gw-ckubu/easy-rsa/vars.2018-02-06-1337
Normal file
80
AK/openvpn/gw-ckubu/easy-rsa/vars.2018-02-06-1337
Normal file
@ -0,0 +1,80 @@
|
||||
# easy-rsa parameter settings
|
||||
|
||||
# NOTE: If you installed from an RPM,
|
||||
# don't edit this file in place in
|
||||
# /usr/share/openvpn/easy-rsa --
|
||||
# instead, you should copy the whole
|
||||
# easy-rsa directory to another location
|
||||
# (such as /etc/openvpn) so that your
|
||||
# edits will not be wiped out by a future
|
||||
# OpenVPN package upgrade.
|
||||
|
||||
# This variable should point to
|
||||
# the top level of the easy-rsa
|
||||
# tree.
|
||||
export EASY_RSA="`pwd`"
|
||||
|
||||
#
|
||||
# This variable should point to
|
||||
# the requested executables
|
||||
#
|
||||
export OPENSSL="openssl"
|
||||
export PKCS11TOOL="pkcs11-tool"
|
||||
export GREP="grep"
|
||||
|
||||
|
||||
# This variable should point to
|
||||
# the openssl.cnf file included
|
||||
# with easy-rsa.
|
||||
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
|
||||
|
||||
# Edit this variable to point to
|
||||
# your soon-to-be-created key
|
||||
# directory.
|
||||
#
|
||||
# WARNING: clean-all will do
|
||||
# a rm -rf on this directory
|
||||
# so make sure you define
|
||||
# it correctly!
|
||||
export KEY_DIR="$EASY_RSA/keys"
|
||||
|
||||
# Issue rm -rf warning
|
||||
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
|
||||
|
||||
# PKCS11 fixes
|
||||
export PKCS11_MODULE_PATH="dummy"
|
||||
export PKCS11_PIN="dummy"
|
||||
|
||||
# Increase this to 2048 if you
|
||||
# are paranoid. This will slow
|
||||
# down TLS negotiation performance
|
||||
# as well as the one-time DH parms
|
||||
# generation process.
|
||||
export KEY_SIZE=2048
|
||||
|
||||
# In how many days should the root CA key expire?
|
||||
export CA_EXPIRE=3650
|
||||
|
||||
# In how many days should certificates expire?
|
||||
export KEY_EXPIRE=3650
|
||||
|
||||
# These are the default values for fields
|
||||
# which will be placed in the certificate.
|
||||
# Don't leave any of these fields blank.
|
||||
export KEY_COUNTRY="US"
|
||||
export KEY_PROVINCE="CA"
|
||||
export KEY_CITY="SanFrancisco"
|
||||
export KEY_ORG="Fort-Funston"
|
||||
export KEY_EMAIL="me@myhost.mydomain"
|
||||
export KEY_OU="MyOrganizationalUnit"
|
||||
|
||||
# X509 Subject Field
|
||||
export KEY_NAME="EasyRSA"
|
||||
|
||||
# PKCS11 Smart Card
|
||||
# export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
|
||||
# export PKCS11_PIN=1234
|
||||
|
||||
# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
|
||||
# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
|
||||
# export KEY_CN="CommonName"
|
||||
1
AK/openvpn/gw-ckubu/easy-rsa/whichopensslcnf
Symbolic link
1
AK/openvpn/gw-ckubu/easy-rsa/whichopensslcnf
Symbolic link
@ -0,0 +1 @@
|
||||
/usr/share/easy-rsa/whichopensslcnf
|
||||
257
AK/openvpn/gw-ckubu/gw-ckubu.conf
Normal file
257
AK/openvpn/gw-ckubu/gw-ckubu.conf
Normal file
@ -0,0 +1,257 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ak.oopen.de 1195
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIGxjCCBK6gAwIBAgIJALRp90TzgA00MA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEPMA0GA1UEAxMG
|
||||
VlBOLUFLMQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
|
||||
cGVuLmRlMCAXDTE4MDIwNjEyNDAwN1oYDzIwNTAwMjA2MTI0MDA3WjCBnDELMAkG
|
||||
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
|
||||
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMT
|
||||
BlZQTi1BSzEPMA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
|
||||
b3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMNalpNk0cB
|
||||
wPdZemz4r4TIhtRSxZEEg9yhTRo9LdMa6oNo1gpg3/60n9nBtA0cDnllx7Z37PvC
|
||||
Pg4RJksrB2ZYOB3oSo8LoMzlA0lZl4AMKnxau1ZJI8OB9Ia+6uJxBnpwVULsL4sx
|
||||
ds9pHsnXU74UWgdZPAHsfWhogMtk8TsikLFv7P6oxg3fXeVriWP/SUETTWHgSD3x
|
||||
gPsnrcGqlCPcfb/mH5SU+v+ge+iue0BXe/1OZkJDHdj5vLZ4MiUCiVVslX36uqti
|
||||
sI3Jt2OyF9XQwu5wms3ioW3XydpPmbisRuI7qrTdnmT1iVhbk29eQK/yHrXvuuXQ
|
||||
i6PQAirBtMYD8tx5FbMJ6ueDcm0jTVedfHtdkWkBY84bBnecF7ys000fDzJs1YH2
|
||||
SP3cb0KbREG2RE5BE1OgUgg8odbJ7/K+Tp0VKEbJAZCwpaw+qAU9xfH3pDoSX+iD
|
||||
N+SXxnjSpamwGYmx+PGpwIe3RnlEx8XUcMbEBq5grq7aR7tYd5qh1NKTUKleGucD
|
||||
1izZeGLLkh81Gpx+KFXNm7lk3WDx3dqUXc3tJgpZsZJc3VI3UjO5WaYlrdTc6IQs
|
||||
3rD0rOGrETI/utLQI9PNFSis00h2LmcPVnEL0N/W71kHeOuytr1Tg1FyFGY7Wbth
|
||||
bei4c14kNkVUk1Ncfl07pMR+/i9yee3DAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQU
|
||||
EHXXKayMfThSNCInVWJK275Iub8wgdEGA1UdIwSByTCBxoAUEHXXKayMfThSNCIn
|
||||
VWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkTBlZQTiBBSzEd
|
||||
MBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84ANNDAMBgNVHRME
|
||||
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBIgCBt6v6t2HSqwkLKjgR1c2cDViPe
|
||||
WmX8E8maqaDIUopyvNzsZCXjqZ1RNnIHgFKZyZqXSzXRGHbUiohJ4WkkOy+QV64L
|
||||
/LUizsZkMJasjYQgcDcXu5sN9mIzGW6C5myjwtSYBWITPxLsedOQLIhYulLrCBa0
|
||||
A/gs/gfODm0opsCOuvQn33psUyLda/k9BE/9EHmOg37IRh/rQi3dyQaW2DGfCgZc
|
||||
GSIMsxobp4QbdUTJyyIoJW/ZK20Mam+IWNhptqCX/SXlx0pzakkdAulwMtUCPwyD
|
||||
8IJEy5ST+qBoctg1mSLts14ZYM63NRYKPfnSUN1JfQE5Sl624c8koVJcKjFnPdII
|
||||
cFwo9R+SQFDfTva/xRC8Ydwp1C8V+wnXtM9B1aigule5MXe8CQE4PZjG1Bh7992x
|
||||
GcKGBCWR/8JmfipvH4EJ9brS4ZsQ5snfJImBtmmVxSjXn1aE77UYNEp8GF2vW8CV
|
||||
7j+neVQtQdA16tXYH4bWy4MCpVCuoBj2ffTkN/5cp9xWHt9D1w73LxXHMEWoQojF
|
||||
cOeUda1VSwR17SiEy/lo3mRnWoT6AzLVwYzVQg0W8dc9wPcJ2EiVzQu6ccs2gIJV
|
||||
RtdV9iX+oAkwK3/lPB68LvfMEw3Qcy3OY9DmjZNajlv8HCTirBuGNaUwR6pZGqiG
|
||||
JN2zjAizahwZgQ==
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
|
||||
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
|
||||
Fw0xODAyMDYxMzM2NTRaFw0zODAyMDYxMzM2NTRaMIGlMQswCQYDVQQGEwJERTEP
|
||||
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
|
||||
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMPVlBOLUFLLWd3
|
||||
LWNrdWJ1MQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
|
||||
cGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1iJXRCsnhrkw
|
||||
vrvWg11+tAy89uYWXSt5lDxBVwuqoTEacmhnhfOT9yEDQys1jSm8u4FET2UUzI9g
|
||||
SNYFigYnKoVjjKKxGtlK2Bt9qgu36WlfzlnqNiKvUO2aHnxNwRNvI7b4YI2/uk3V
|
||||
gZAAQdH4DiR0rFSDNmBKyvMQKP6ix1dy4+riACIP22n/bltEp9KmYkoU5XomS+DM
|
||||
Fqd5wvCt/A18n3x5Ijw1Z8EGz7YCzMqGrt2HA+zRL8r0d//DS3KfHrZH+5qrrrbl
|
||||
j8aHydvklLxDqqn+ZgbxKIRjOJ+DXG3MbGvk4gaUj/+fR5nfoBDxIxlA2wn+hXAX
|
||||
v6r/eVSPPs6kGqYLNJsw8qjtuG89PggyhkuNsCoOLY/JvtXMRzadcz3RIS5nnwQe
|
||||
EoLDtn+E9NbQlrj9XyKYbzCW2EMJANoNmHsCW/IZ0aKhd7C7lMNxaYGARAssNo+r
|
||||
gUXj1bUbJQBpHZOJj4AZV9um1YM4ef9v9hb0slYolHw6YS1ys3Ur38+/005gVFtR
|
||||
daFQLsUXvLavCALJRuWfFv6k6Vp/HyDlRiwL3kDCsy+ul+ll9DC42rMb6y7WxAnK
|
||||
7lN6I5mWLkL7aWY4Qj9Fa+OeavGweSSYOaEzGHhNulQ9pIsw9f3XEKGh1XhSojpK
|
||||
hHM40wuTmGMwb53GhX5jB3UPijMdbgECAwEAAaOCAWgwggFkMAkGA1UdEwQCMAAw
|
||||
LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
|
||||
BgNVHQ4EFgQUBYLo1mtxM1jb3ogF+1KEvfNNZDowgdEGA1UdIwSByTCBxoAUEHXX
|
||||
KayMfThSNCInVWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
|
||||
EwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYD
|
||||
VQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkT
|
||||
BlZQTiBBSzEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84AN
|
||||
NDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoII
|
||||
Z3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAHe1NvTTAE32RzjFyUZz72suEVrk
|
||||
OChnbtlokfhencfOZ+241jMswpg5aQDA2jY+lmEQW5tK4N+2hglTFHM4gW4b362b
|
||||
rJFEe0fCMl3r/cqdmZbDNXSm9xR7pSoIWt/2vo4ucZQzQEqN6CXA0/rOx84yPDj+
|
||||
UFHqvoOAAUbdBZOWqZ4Q+Qni5Y4QmUsGWaoK3LApKSEdfNxiKZkNZ6joWkjJiE45
|
||||
pdYd5qeUR1plixNhl5dITH0VfeM+85IXS6y9Tm4kb6tbLPO7KPu9vF/7UD0+Z+zM
|
||||
hA8nDu4CjQtN3aSq6Hazi17lDbjpYEWid2LQ0Epvh0c8PHcdNzpf3343/+fun+qH
|
||||
xKcEM/7BzyHtVaqPMRqLIMVx4+jAN2k9Lj7oswzTZa526G85kStfwZ5EzuHZ+53s
|
||||
2cH6ado+SZDbV2agrcjPri3Bmve36Ed0jLcAA0KcNVOKGfUuY/UR08j/0NbG12ZZ
|
||||
IZACPxtIiRcd97cvPXJIxn60LqvBkiRX9rRWA0se//hkCEbUC/w9YekDzDtKU5vw
|
||||
JdHjdPVX1NZgXOWom9lUFmWTzeTWC81iAG/YNw271yZ5be8RysAhx+u8ql5AuHL3
|
||||
tRsHj1TUbdBINePBvWexL2XdddojjwC3h42N7AvnMNW7ukSxzCog9eGxXmhKkTt9
|
||||
En3pD1oBbG67z5tL
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI62QkbYGv0EYCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM5hsq05gmbkBIIJSJV6xZtsAe56
|
||||
teLN4Bl1fR+qUAfmKm3q94RgI1f9Rc4MpBf64b61IgkVWnQ4ec4CAPnhe2FeUExh
|
||||
HGRoeBWR88WaTgNBo6+VUhTCYPAelLvGjhG9TUjn4sigSU3/nQos9NTEMiZjv4+j
|
||||
zQxhAxcdjWHOtUkScKz9EDAmU5EAais87VSg4a0AORgHNp88SOdTf56EqzZ5nh06
|
||||
NQwiUN4zlrTs2X3mnL9Xx9OPqkha4Ij2efr7eKN9Oex/IpQndH/5AUpNcjfn1sQw
|
||||
pokSOQK85AulhRVD9BMD+PTVsOy7xIrQkusv80NsZyqdCAGZLaRzw1aQv5tTLsD+
|
||||
pukAzv8rdaFX+k3+Pa3IZbjDGibPTw6Jy+2RY1XEOn7KD/PaULhWnNqioWG93Prh
|
||||
ShsAYUeAJaAmiY61D5ORiHVw0D3lUwBjuENd8AQ+y6ofIpdMnsJGzyfomswxSpz9
|
||||
CjwXUgdd99A+eeS/IDzDVECeAM0X/ugJ/gILa3ntK/DVVjap5UfCch6wpYnCYoIc
|
||||
p3aRYc5TeMR1U1DDrWt9c/4hB22dn5On0mSyC0K/eYdFYqZq+jDCNkMbvGRqFfCl
|
||||
qUP+SO+h6miAjakBymIZ/X4i82PucHqC+HXvcYbY4LttKEsztl+WcK8qXWxhgljv
|
||||
8dJLEqD6l4FmcdP1CCIpnMnYmjJLVmOVxhusWnSsbj9se55nL+mjtOCdWCMlAMr1
|
||||
06sz34Ujq1lfsB7nn+z7O+1ZuMU3qcgPigHXQYJRwpD+eCCUsKbKAPvCHqZxjtOR
|
||||
k9eDTQvJMsHFA0TCQ1sMPFhuMAkH+ZhW5Fn1Qguc52aG5oT+ABjhvtN1qKQhhu88
|
||||
AwfAPME60+1rmUwu75OZ22lDBVCmqu1MHQEtI7QoJqIXP9fY8bZk9XjgrqzYeQqV
|
||||
ls5DVJ48uY9BoMHYNFCwnSVmMFHIVPySSjZNN7LoEICevbr1iL3la8BtGaEFPo6V
|
||||
0u+xZMDB8uRoX4sc/yBavu85FWUEKP3P/IZ0Q7qhVd27Y+gZqGqm4HZ6SWMNx3qv
|
||||
zNfnfx8ChYWhMbZOAuurEJ/ge0lN5pHJQYPaHJ7J5UIXHclAXPKUJXiSam6XiIyo
|
||||
NAlxHvHItk5xnvgqq0m5jRkyhU+LcPplee7AIFptpk1Snrxv7weofqrUrRP0XPMr
|
||||
YUxQHbqq+P1XDJQzS/fk/CE3hvwoIPTcnsazvaymaMCN4f+yAIkIur26FoN1Egz0
|
||||
ed9zMuE/Q+Uy2wctVDf7ckcAvUJVmQO8ZeM81JO8qak424so9K+VK/1c5+nmwPx+
|
||||
HbzSzGCLvT/AsAsgAWuSnqSpfNkK78YHsZ0166CZgsuUxbr2QncU88m4u+nxvPhV
|
||||
88MTibkCopYa0fLgrdmM0KbgY0wCGBmMIgrSd77kKuKZuqtKKPvPClK8XeI5I1Kg
|
||||
vaeZslPTCFJQAmABLcbtZi5GejUlh3zxPXWwr0xHWt9QMxqXIbKz9w98ZVxB6JgG
|
||||
dc2eXN6Y53GWS2rPMCj57JnJzSOY7cH3mUcEAn8sZj3tfnhvjyjrLoVW6DS9DxH6
|
||||
+hrYeEH2SB4VFo9LAkQf8nXGmf6Drc2CuHBggdL6E7eiqJwpFxJyWZF9cAyUIKNY
|
||||
3QGe01nD7/FJ2OdQ3TewwJdO6VM9MCacCg5Tu3CCaBn/ROMDeJ6waxCAaWC0a3ye
|
||||
/qF72uUPBnGmepCL8UNty5EHGJEQdLsFUqcz6esBd5QsJQFd4a6Dj+6dygHA5pFS
|
||||
imsM3CvEucQLinv14T2MlSfEHGKG838XcNz45z55C6LRWmDo8YhGJpyWLTRanOPO
|
||||
YgzRW64jjoowmCOYN+dHMu2N8TuHJaGtNywwzJS/hAmGywn8nQjm2hBBgmzbP4Z9
|
||||
mv/j3sym/S43HLgoxFXdyy+A4mWhC6DYyqctC5stUb7LWhDDH1q3/vIpbGzNOlIU
|
||||
64RU7tnb73tfNAvP27wok1Y5QulkrcgmGhT1mEXC2Dmd6UNU53cPKC2L9mSYwpLY
|
||||
oI0S5LrNfvcJbv1T+Q+6tl4JOviv9c1pxHrGU5QiUC9iWHQAqABewDQcvZHCgkv3
|
||||
n1GU2n/Cw3FJN5VKZvsEsL3uLt0iPNsq+gXt1O1+72vnsU9WGb3cLpei+69NaWC2
|
||||
Y1eYROJUwvISYh5Fj3AbQHkeaoMBnlD65MtCC27e4wQ08f1WK9yqD9RuF0/AyoMq
|
||||
eKuacUkDdRsGtv/EPw+2Y4TVZU8NCx/bklwzfti9d5Gvl13dVKH2rNxNzfU2uwN9
|
||||
VMylBtSPKy0M7mIneZmpAFRDUzcVAV/+1u8khfWG0L6AX9jD3m/9/kKZIsVRuxLP
|
||||
RW8OcSkZ38Y8LachhEToEyr1s0iPWOa2Uo6/nPpBswk8yI5CGETSvsL0+imcnykU
|
||||
GJJGLNRg8QZRAXzB/CadLZ2YLSp+VbwY1RI9MUnOIQy4nDJYmqtrlFtFlbkgYign
|
||||
eI6NycS8iTSQkGJHJCxftPW5HU/rOFoVmDkdpZ8lMBJsjqsrWxuMhZdYhd12SYRz
|
||||
c8MUarMyTCNYOA/U3avP3wcMWlIBGXnDhCSJWuP4TgekL8YeXIZlpqfLNSbjjzjK
|
||||
Qjr1QWrFcheKFtcN+RwxjmEH9VIx/Gl+j39GKjuVE6qFv8ydf5pO6hNlpUhdPwbw
|
||||
AfnY26813nPRQszCSKXgT6ZzLExlOdGEtcsLdVgNhqTG/YLSOWOzLogqbbIGBXrP
|
||||
iDenjXgL+KWWVx68rLIkX6uXp7ECyJuIzHdA4rz4BJ2E8N07RWIB4UIJqDkb+SmB
|
||||
uBjHA/lnnF1NgTaF1YfGTBYJBh9A5De0lWs7f/4FBuQ6cudLHw1TWFzXNYrBUvIi
|
||||
JVi3wm1MZYiLz5uWvf4hqS6kuxtHlkxmZeOjawxyNAaESesM3LiuGNa4wlAdLqrb
|
||||
Re9jzz6n7OyL+7NEjpDgxS7kx2UjgZfrH3+FhGAGJaaqfeC1Gz21jXNc4S+zHxP2
|
||||
Qt3/qm027TN1TARpTxDK4eGRFgOLyDbb+8aeaywjcqUWRN5tWutFNavSn/Amgugh
|
||||
mSxJJvyf0WKnh6cbX5mGQFzKiaAqz22IgtcSovZt0K13KR6IExQZW1N2QbpchjWM
|
||||
NFwD7jxGsOPeukul9fpANrZk+qXZqjSX58bEbMax+th1WNpnEqG470FvcJv8z72e
|
||||
6YP6NW+YmJhshYOCv/q6Ng==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-serve
|
||||
ns-cert-type server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
9b6729c5c91b466a2bf7a494c2773f66
|
||||
6f580c49cf669c267b408d4e69b47554
|
||||
eb9a77dc00111f2ffb3be09c38a34c29
|
||||
441ed188e45a20a0bc31e28f0740ee28
|
||||
10a36049da14f04a4efdfbfc15e492c4
|
||||
e8c6cc0e07b5ad43f8a7f9685edf07cc
|
||||
3764e44b091a1277195ff52cad66574b
|
||||
b9396a38e10445255a387a4c510ad5c9
|
||||
9376d6cfe2aee6b4970faadbe8b4b581
|
||||
cd01a751bd07d53d984cdbd82c357820
|
||||
0251066db57e5863fc96e6ccc4ac9ebf
|
||||
b06231f21e93d1934a9ed0352ff0d3cc
|
||||
e1fc4269821572b858b3461c4eacacd0
|
||||
0eb309b692e49ea3cd9683ff4ae85161
|
||||
790f3ff5bc0d7dba51015e182d88a09c
|
||||
9389557003a462a4c57467320c9913a8
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
1
AK/openvpn/gw-ckubu/ipp.txt
Normal file
1
AK/openvpn/gw-ckubu/ipp.txt
Normal file
@ -0,0 +1 @@
|
||||
VPN-AK-gw-ckubu,10.1.0.2
|
||||
4
AK/openvpn/gw-ckubu/keys-created.txt
Normal file
4
AK/openvpn/gw-ckubu/keys-created.txt
Normal file
@ -0,0 +1,4 @@
|
||||
|
||||
key...............: gw-ckubu.key
|
||||
common name.......: VPN-AK-gw-ckubu
|
||||
password..........: oot4yoociepaPuumahlieyie
|
||||
141
AK/openvpn/gw-ckubu/keys/01.pem
Normal file
141
AK/openvpn/gw-ckubu/keys/01.pem
Normal file
@ -0,0 +1,141 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 1 (0x1)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Validity
|
||||
Not Before: Feb 6 13:30:43 2018 GMT
|
||||
Not After : Feb 6 13:30:43 2038 GMT
|
||||
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK-server/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
Modulus:
|
||||
00:d6:54:ff:ed:31:40:93:d3:2e:da:0a:e2:7a:f6:
|
||||
51:83:c6:15:03:62:aa:59:e9:71:20:a3:af:4d:94:
|
||||
30:3e:23:30:18:f2:02:91:03:7a:6c:fe:ea:d2:8f:
|
||||
22:c7:19:10:5c:d2:ea:93:7e:5e:88:7b:9b:db:23:
|
||||
8c:b2:85:d7:d1:b1:ac:8d:3c:59:30:ec:2a:63:b5:
|
||||
56:32:e7:7d:af:bd:0c:05:74:30:a2:7f:42:8c:2b:
|
||||
b3:cc:e2:f2:5f:73:52:d4:27:44:87:1e:fb:c9:a4:
|
||||
0e:0d:1c:f9:b0:b9:dd:49:62:af:c8:1c:9e:7b:70:
|
||||
7c:21:ea:f1:fc:45:45:c6:f0:c8:36:c1:b6:b8:c4:
|
||||
b4:e6:78:45:8e:cb:e9:1e:33:41:f2:20:30:5f:3a:
|
||||
ba:b5:37:67:a1:b7:85:90:1f:19:3f:8b:42:a2:40:
|
||||
02:ba:67:25:92:58:57:dd:cc:af:92:c5:f4:99:a1:
|
||||
7a:f9:1c:cb:4b:4d:66:0c:9f:45:b0:5d:85:df:3d:
|
||||
cc:a9:77:73:d9:a1:ee:bc:d8:ee:8c:cd:91:96:2c:
|
||||
70:fb:4f:f1:cb:3d:90:aa:73:d6:ab:4b:b0:a5:f1:
|
||||
41:a3:f1:ea:8a:f3:20:5f:c1:88:cf:68:66:c3:65:
|
||||
eb:ef:b9:ed:ec:2c:8c:96:b7:eb:70:e5:c3:7b:52:
|
||||
c5:89:40:39:53:a1:ca:fc:84:05:2f:63:d3:5d:67:
|
||||
8d:94:26:1f:a8:fd:ae:9b:4e:64:87:8f:38:76:fc:
|
||||
06:30:49:ff:23:19:d6:a3:06:9d:3f:2b:1e:4f:42:
|
||||
44:6b:66:1f:55:88:19:23:40:9b:01:32:96:22:87:
|
||||
fa:9c:8e:0a:41:6b:e1:cf:a3:68:db:80:e1:5d:86:
|
||||
72:e0:33:0b:cd:30:5e:aa:c7:8a:20:19:0a:6e:2c:
|
||||
c9:01:36:57:bc:2d:c7:95:aa:3f:9c:40:47:e1:34:
|
||||
03:90:d0:9f:11:4e:f3:d4:3c:a9:fe:63:81:db:f0:
|
||||
bd:27:4c:4a:6d:89:a4:95:1a:f1:ed:b8:b8:a2:71:
|
||||
52:91:ff:e0:8b:b6:9e:31:fc:b7:c4:0e:07:84:29:
|
||||
20:79:57:99:5b:7e:5f:be:eb:a2:bb:73:9d:ef:f2:
|
||||
1e:8b:24:c6:86:91:68:cd:71:bd:35:05:d5:9f:cf:
|
||||
e7:5f:b4:9a:2f:12:9c:b5:3f:8a:7f:c7:b0:cf:d7:
|
||||
70:ea:28:63:65:6d:7c:64:ad:06:4d:1d:17:30:ca:
|
||||
0f:54:76:21:90:16:a0:49:0a:87:ae:b3:ff:dd:e0:
|
||||
71:17:0d:71:ee:96:8a:2d:86:14:fb:99:5f:ec:9f:
|
||||
5f:25:79:cf:42:7a:13:0c:66:cc:7a:60:83:43:77:
|
||||
f4:b6:f1
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
Netscape Cert Type:
|
||||
SSL Server
|
||||
Netscape Comment:
|
||||
Easy-RSA Generated Server Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
C6:1E:B3:D8:34:53:70:7C:82:D3:64:78:9C:4C:33:01:71:8A:67:66
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:10:75:D7:29:AC:8C:7D:38:52:34:22:27:55:62:4A:DB:BE:48:B9:BF
|
||||
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
serial:B4:69:F7:44:F3:80:0D:34
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:server
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
91:4a:bc:3a:35:78:e5:e5:66:b6:36:5a:66:0d:da:e3:01:7c:
|
||||
07:be:0e:0e:2e:61:1a:c0:74:90:83:f7:39:8b:2d:0a:06:92:
|
||||
ca:75:d3:ac:a6:94:66:10:41:30:2c:dd:77:c3:12:e0:5c:97:
|
||||
e6:5d:c3:ef:2f:63:65:d0:f7:c3:9f:72:6f:54:07:e8:80:af:
|
||||
35:53:74:6f:4d:ea:33:0a:86:8c:1d:79:f1:22:76:97:f4:43:
|
||||
34:01:0e:8c:79:8e:23:60:67:89:ad:eb:48:4a:d4:50:a7:09:
|
||||
bf:00:ce:d6:d6:6c:e8:f1:06:b0:f9:1c:de:1d:d9:32:2c:8a:
|
||||
02:dd:0f:31:a7:0f:f7:92:e5:f6:7d:37:7f:a8:5f:bc:87:93:
|
||||
4d:58:1a:6b:e0:84:a0:7b:6d:f7:6e:84:e6:94:87:70:59:3a:
|
||||
9d:07:c4:1a:21:96:8c:04:51:e4:f1:01:49:0d:3f:7d:d4:65:
|
||||
5b:ae:dc:40:4b:63:71:0d:ef:bc:e3:f6:ab:11:2c:b8:2f:df:
|
||||
5a:bd:70:21:03:d0:54:b0:3f:ce:70:d4:4e:f2:ec:1d:54:b6:
|
||||
1a:53:ea:e7:2c:82:83:74:98:52:41:0e:4b:cd:03:02:9e:4f:
|
||||
7c:85:45:13:6c:ec:a2:ba:18:ca:62:39:3c:45:f4:83:86:74:
|
||||
77:0c:b4:fb:f7:50:f6:77:a2:91:db:5a:3c:d9:3b:75:2e:3c:
|
||||
8a:68:dd:f3:fe:9a:4c:1a:d6:a6:46:d6:3f:9d:c2:f7:06:0f:
|
||||
4a:5b:9a:de:27:39:a1:e9:19:8a:82:86:de:5f:86:82:f0:cc:
|
||||
5c:47:64:fd:bf:8b:6a:f9:a2:ce:a8:75:12:1a:97:20:01:fa:
|
||||
a3:22:7d:1f:5d:66:09:f0:51:97:ff:e0:b0:89:e4:2b:33:de:
|
||||
c2:7e:86:24:34:28:6f:6a:5b:e7:f4:f8:4f:29:f5:06:9d:26:
|
||||
a5:f4:e6:69:cb:dc:22:e6:3d:ae:65:da:41:f0:23:aa:58:93:
|
||||
38:1e:14:fd:df:6e:af:9b:56:a4:d3:91:b7:33:a2:2d:5e:38:
|
||||
6c:e3:16:de:91:f1:4e:f3:5a:37:1f:a7:6b:d4:97:7f:1e:a9:
|
||||
34:a9:e3:db:38:7c:59:38:aa:c7:08:0b:89:46:42:c5:57:65:
|
||||
a1:26:f2:57:0d:33:d1:25:24:da:b3:f6:2c:ac:b7:71:18:df:
|
||||
20:06:90:89:78:f1:c4:7f:b6:48:78:f4:29:82:01:09:29:9c:
|
||||
21:34:b3:e8:06:71:61:9c:da:34:38:4c:c3:ad:73:15:da:0a:
|
||||
92:51:71:aa:67:87:44:3e:9b:b8:10:aa:06:d2:f6:a0:85:b0:
|
||||
8b:64:1d:68:35:c6:44:00
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIHPjCCBSagAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
|
||||
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
|
||||
Fw0xODAyMDYxMzMwNDNaFw0zODAyMDYxMzMwNDNaMIGjMQswCQYDVQQGEwJERTEP
|
||||
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
|
||||
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEWMBQGA1UEAxMNVlBOLUFLLXNl
|
||||
cnZlcjEPMA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Bl
|
||||
bi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANZU/+0xQJPTLtoK
|
||||
4nr2UYPGFQNiqlnpcSCjr02UMD4jMBjyApEDemz+6tKPIscZEFzS6pN+Xoh7m9sj
|
||||
jLKF19GxrI08WTDsKmO1VjLnfa+9DAV0MKJ/Qowrs8zi8l9zUtQnRIce+8mkDg0c
|
||||
+bC53Ulir8gcnntwfCHq8fxFRcbwyDbBtrjEtOZ4RY7L6R4zQfIgMF86urU3Z6G3
|
||||
hZAfGT+LQqJAArpnJZJYV93Mr5LF9Jmhevkcy0tNZgyfRbBdhd89zKl3c9mh7rzY
|
||||
7ozNkZYscPtP8cs9kKpz1qtLsKXxQaPx6orzIF/BiM9oZsNl6++57ewsjJa363Dl
|
||||
w3tSxYlAOVOhyvyEBS9j011njZQmH6j9rptOZIePOHb8BjBJ/yMZ1qMGnT8rHk9C
|
||||
RGtmH1WIGSNAmwEyliKH+pyOCkFr4c+jaNuA4V2GcuAzC80wXqrHiiAZCm4syQE2
|
||||
V7wtx5WqP5xAR+E0A5DQnxFO89Q8qf5jgdvwvSdMSm2JpJUa8e24uKJxUpH/4Iu2
|
||||
njH8t8QOB4QpIHlXmVt+X77rortzne/yHoskxoaRaM1xvTUF1Z/P51+0mi8SnLU/
|
||||
in/HsM/XcOooY2VtfGStBk0dFzDKD1R2IZAWoEkKh66z/93gcRcNce6Wii2GFPuZ
|
||||
X+yfXyV5z0J6EwxmzHpgg0N39LbxAgMBAAGjggGAMIIBfDAJBgNVHRMEAjAAMBEG
|
||||
CWCGSAGG+EIBAQQEAwIGQDA0BglghkgBhvhCAQ0EJxYlRWFzeS1SU0EgR2VuZXJh
|
||||
dGVkIFNlcnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUxh6z2DRTcHyC02R4nEwz
|
||||
AXGKZ2YwgdEGA1UdIwSByTCBxoAUEHXXKayMfThSNCInVWJK275Iub+hgaKkgZ8w
|
||||
gZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp
|
||||
bjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8w
|
||||
DQYDVQQDEwZWUE4tQUsxDzANBgNVBCkTBlZQTiBBSzEdMBsGCSqGSIb3DQEJARYO
|
||||
YXJndXNAb29wZW4uZGWCCQC0afdE84ANNDATBgNVHSUEDDAKBggrBgEFBQcDATAL
|
||||
BgNVHQ8EBAMCBaAwEQYDVR0RBAowCIIGc2VydmVyMA0GCSqGSIb3DQEBCwUAA4IC
|
||||
AQCRSrw6NXjl5Wa2NlpmDdrjAXwHvg4OLmEawHSQg/c5iy0KBpLKddOsppRmEEEw
|
||||
LN13wxLgXJfmXcPvL2Nl0PfDn3JvVAfogK81U3RvTeozCoaMHXnxInaX9EM0AQ6M
|
||||
eY4jYGeJretIStRQpwm/AM7W1mzo8Qaw+RzeHdkyLIoC3Q8xpw/3kuX2fTd/qF+8
|
||||
h5NNWBpr4ISge233boTmlIdwWTqdB8QaIZaMBFHk8QFJDT991GVbrtxAS2NxDe+8
|
||||
4/arESy4L99avXAhA9BUsD/OcNRO8uwdVLYaU+rnLIKDdJhSQQ5LzQMCnk98hUUT
|
||||
bOyiuhjKYjk8RfSDhnR3DLT791D2d6KR21o82Tt1LjyKaN3z/ppMGtamRtY/ncL3
|
||||
Bg9KW5reJzmh6RmKgobeX4aC8MxcR2T9v4tq+aLOqHUSGpcgAfqjIn0fXWYJ8FGX
|
||||
/+CwieQrM97CfoYkNChvalvn9PhPKfUGnSal9OZpy9wi5j2uZdpB8COqWJM4HhT9
|
||||
326vm1ak05G3M6ItXjhs4xbekfFO81o3H6dr1Jd/Hqk0qePbOHxZOKrHCAuJRkLF
|
||||
V2WhJvJXDTPRJSTas/YsrLdxGN8gBpCJePHEf7ZIePQpggEJKZwhNLPoBnFhnNo0
|
||||
OEzDrXMV2gqSUXGqZ4dEPpu4EKoG0vaghbCLZB1oNcZEAA==
|
||||
-----END CERTIFICATE-----
|
||||
139
AK/openvpn/gw-ckubu/keys/02.pem
Normal file
139
AK/openvpn/gw-ckubu/keys/02.pem
Normal file
@ -0,0 +1,139 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2 (0x2)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Validity
|
||||
Not Before: Feb 6 13:36:54 2018 GMT
|
||||
Not After : Feb 6 13:36:54 2038 GMT
|
||||
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK-gw-ckubu/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
Modulus:
|
||||
00:d6:22:57:44:2b:27:86:b9:30:be:bb:d6:83:5d:
|
||||
7e:b4:0c:bc:f6:e6:16:5d:2b:79:94:3c:41:57:0b:
|
||||
aa:a1:31:1a:72:68:67:85:f3:93:f7:21:03:43:2b:
|
||||
35:8d:29:bc:bb:81:44:4f:65:14:cc:8f:60:48:d6:
|
||||
05:8a:06:27:2a:85:63:8c:a2:b1:1a:d9:4a:d8:1b:
|
||||
7d:aa:0b:b7:e9:69:5f:ce:59:ea:36:22:af:50:ed:
|
||||
9a:1e:7c:4d:c1:13:6f:23:b6:f8:60:8d:bf:ba:4d:
|
||||
d5:81:90:00:41:d1:f8:0e:24:74:ac:54:83:36:60:
|
||||
4a:ca:f3:10:28:fe:a2:c7:57:72:e3:ea:e2:00:22:
|
||||
0f:db:69:ff:6e:5b:44:a7:d2:a6:62:4a:14:e5:7a:
|
||||
26:4b:e0:cc:16:a7:79:c2:f0:ad:fc:0d:7c:9f:7c:
|
||||
79:22:3c:35:67:c1:06:cf:b6:02:cc:ca:86:ae:dd:
|
||||
87:03:ec:d1:2f:ca:f4:77:ff:c3:4b:72:9f:1e:b6:
|
||||
47:fb:9a:ab:ae:b6:e5:8f:c6:87:c9:db:e4:94:bc:
|
||||
43:aa:a9:fe:66:06:f1:28:84:63:38:9f:83:5c:6d:
|
||||
cc:6c:6b:e4:e2:06:94:8f:ff:9f:47:99:df:a0:10:
|
||||
f1:23:19:40:db:09:fe:85:70:17:bf:aa:ff:79:54:
|
||||
8f:3e:ce:a4:1a:a6:0b:34:9b:30:f2:a8:ed:b8:6f:
|
||||
3d:3e:08:32:86:4b:8d:b0:2a:0e:2d:8f:c9:be:d5:
|
||||
cc:47:36:9d:73:3d:d1:21:2e:67:9f:04:1e:12:82:
|
||||
c3:b6:7f:84:f4:d6:d0:96:b8:fd:5f:22:98:6f:30:
|
||||
96:d8:43:09:00:da:0d:98:7b:02:5b:f2:19:d1:a2:
|
||||
a1:77:b0:bb:94:c3:71:69:81:80:44:0b:2c:36:8f:
|
||||
ab:81:45:e3:d5:b5:1b:25:00:69:1d:93:89:8f:80:
|
||||
19:57:db:a6:d5:83:38:79:ff:6f:f6:16:f4:b2:56:
|
||||
28:94:7c:3a:61:2d:72:b3:75:2b:df:cf:bf:d3:4e:
|
||||
60:54:5b:51:75:a1:50:2e:c5:17:bc:b6:af:08:02:
|
||||
c9:46:e5:9f:16:fe:a4:e9:5a:7f:1f:20:e5:46:2c:
|
||||
0b:de:40:c2:b3:2f:ae:97:e9:65:f4:30:b8:da:b3:
|
||||
1b:eb:2e:d6:c4:09:ca:ee:53:7a:23:99:96:2e:42:
|
||||
fb:69:66:38:42:3f:45:6b:e3:9e:6a:f1:b0:79:24:
|
||||
98:39:a1:33:18:78:4d:ba:54:3d:a4:8b:30:f5:fd:
|
||||
d7:10:a1:a1:d5:78:52:a2:3a:4a:84:73:38:d3:0b:
|
||||
93:98:63:30:6f:9d:c6:85:7e:63:07:75:0f:8a:33:
|
||||
1d:6e:01
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
Netscape Comment:
|
||||
Easy-RSA Generated Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
05:82:E8:D6:6B:71:33:58:DB:DE:88:05:FB:52:84:BD:F3:4D:64:3A
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:10:75:D7:29:AC:8C:7D:38:52:34:22:27:55:62:4A:DB:BE:48:B9:BF
|
||||
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
serial:B4:69:F7:44:F3:80:0D:34
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:gw-ckubu
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
77:b5:36:f4:d3:00:4d:f6:47:38:c5:c9:46:73:ef:6b:2e:11:
|
||||
5a:e4:38:28:67:6e:d9:68:91:f8:5e:9d:c7:ce:67:ed:b8:d6:
|
||||
33:2c:c2:98:39:69:00:c0:da:36:3e:96:61:10:5b:9b:4a:e0:
|
||||
df:b6:86:09:53:14:73:38:81:6e:1b:df:ad:9b:ac:91:44:7b:
|
||||
47:c2:32:5d:eb:fd:ca:9d:99:96:c3:35:74:a6:f7:14:7b:a5:
|
||||
2a:08:5a:df:f6:be:8e:2e:71:94:33:40:4a:8d:e8:25:c0:d3:
|
||||
fa:ce:c7:ce:32:3c:38:fe:50:51:ea:be:83:80:01:46:dd:05:
|
||||
93:96:a9:9e:10:f9:09:e2:e5:8e:10:99:4b:06:59:aa:0a:dc:
|
||||
b0:29:29:21:1d:7c:dc:62:29:99:0d:67:a8:e8:5a:48:c9:88:
|
||||
4e:39:a5:d6:1d:e6:a7:94:47:5a:65:8b:13:61:97:97:48:4c:
|
||||
7d:15:7d:e3:3e:f3:92:17:4b:ac:bd:4e:6e:24:6f:ab:5b:2c:
|
||||
f3:bb:28:fb:bd:bc:5f:fb:50:3d:3e:67:ec:cc:84:0f:27:0e:
|
||||
ee:02:8d:0b:4d:dd:a4:aa:e8:76:b3:8b:5e:e5:0d:b8:e9:60:
|
||||
45:a2:77:62:d0:d0:4a:6f:87:47:3c:3c:77:1d:37:3a:5f:df:
|
||||
7e:37:ff:e7:ee:9f:ea:87:c4:a7:04:33:fe:c1:cf:21:ed:55:
|
||||
aa:8f:31:1a:8b:20:c5:71:e3:e8:c0:37:69:3d:2e:3e:e8:b3:
|
||||
0c:d3:65:ae:76:e8:6f:39:91:2b:5f:c1:9e:44:ce:e1:d9:fb:
|
||||
9d:ec:d9:c1:fa:69:da:3e:49:90:db:57:66:a0:ad:c8:cf:ae:
|
||||
2d:c1:9a:f7:b7:e8:47:74:8c:b7:00:03:42:9c:35:53:8a:19:
|
||||
f5:2e:63:f5:11:d3:c8:ff:d0:d6:c6:d7:66:59:21:90:02:3f:
|
||||
1b:48:89:17:1d:f7:b7:2f:3d:72:48:c6:7e:b4:2e:ab:c1:92:
|
||||
24:57:f6:b4:56:03:4b:1e:ff:f8:64:08:46:d4:0b:fc:3d:61:
|
||||
e9:03:cc:3b:4a:53:9b:f0:25:d1:e3:74:f5:57:d4:d6:60:5c:
|
||||
e5:a8:9b:d9:54:16:65:93:cd:e4:d6:0b:cd:62:00:6f:d8:37:
|
||||
0d:bb:d7:26:79:6d:ef:11:ca:c0:21:c7:eb:bc:aa:5e:40:b8:
|
||||
72:f7:b5:1b:07:8f:54:d4:6d:d0:48:35:e3:c1:bd:67:b1:2f:
|
||||
65:dd:75:da:23:8f:00:b7:87:8d:8d:ec:0b:e7:30:d5:bb:ba:
|
||||
44:b1:cc:2a:20:f5:e1:b1:5e:68:4a:91:3b:7d:12:7d:e9:0f:
|
||||
5a:01:6c:6e:bb:cf:9b:4b
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
|
||||
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
|
||||
Fw0xODAyMDYxMzM2NTRaFw0zODAyMDYxMzM2NTRaMIGlMQswCQYDVQQGEwJERTEP
|
||||
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
|
||||
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMPVlBOLUFLLWd3
|
||||
LWNrdWJ1MQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
|
||||
cGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1iJXRCsnhrkw
|
||||
vrvWg11+tAy89uYWXSt5lDxBVwuqoTEacmhnhfOT9yEDQys1jSm8u4FET2UUzI9g
|
||||
SNYFigYnKoVjjKKxGtlK2Bt9qgu36WlfzlnqNiKvUO2aHnxNwRNvI7b4YI2/uk3V
|
||||
gZAAQdH4DiR0rFSDNmBKyvMQKP6ix1dy4+riACIP22n/bltEp9KmYkoU5XomS+DM
|
||||
Fqd5wvCt/A18n3x5Ijw1Z8EGz7YCzMqGrt2HA+zRL8r0d//DS3KfHrZH+5qrrrbl
|
||||
j8aHydvklLxDqqn+ZgbxKIRjOJ+DXG3MbGvk4gaUj/+fR5nfoBDxIxlA2wn+hXAX
|
||||
v6r/eVSPPs6kGqYLNJsw8qjtuG89PggyhkuNsCoOLY/JvtXMRzadcz3RIS5nnwQe
|
||||
EoLDtn+E9NbQlrj9XyKYbzCW2EMJANoNmHsCW/IZ0aKhd7C7lMNxaYGARAssNo+r
|
||||
gUXj1bUbJQBpHZOJj4AZV9um1YM4ef9v9hb0slYolHw6YS1ys3Ur38+/005gVFtR
|
||||
daFQLsUXvLavCALJRuWfFv6k6Vp/HyDlRiwL3kDCsy+ul+ll9DC42rMb6y7WxAnK
|
||||
7lN6I5mWLkL7aWY4Qj9Fa+OeavGweSSYOaEzGHhNulQ9pIsw9f3XEKGh1XhSojpK
|
||||
hHM40wuTmGMwb53GhX5jB3UPijMdbgECAwEAAaOCAWgwggFkMAkGA1UdEwQCMAAw
|
||||
LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
|
||||
BgNVHQ4EFgQUBYLo1mtxM1jb3ogF+1KEvfNNZDowgdEGA1UdIwSByTCBxoAUEHXX
|
||||
KayMfThSNCInVWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
|
||||
EwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYD
|
||||
VQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkT
|
||||
BlZQTiBBSzEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84AN
|
||||
NDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoII
|
||||
Z3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAHe1NvTTAE32RzjFyUZz72suEVrk
|
||||
OChnbtlokfhencfOZ+241jMswpg5aQDA2jY+lmEQW5tK4N+2hglTFHM4gW4b362b
|
||||
rJFEe0fCMl3r/cqdmZbDNXSm9xR7pSoIWt/2vo4ucZQzQEqN6CXA0/rOx84yPDj+
|
||||
UFHqvoOAAUbdBZOWqZ4Q+Qni5Y4QmUsGWaoK3LApKSEdfNxiKZkNZ6joWkjJiE45
|
||||
pdYd5qeUR1plixNhl5dITH0VfeM+85IXS6y9Tm4kb6tbLPO7KPu9vF/7UD0+Z+zM
|
||||
hA8nDu4CjQtN3aSq6Hazi17lDbjpYEWid2LQ0Epvh0c8PHcdNzpf3343/+fun+qH
|
||||
xKcEM/7BzyHtVaqPMRqLIMVx4+jAN2k9Lj7oswzTZa526G85kStfwZ5EzuHZ+53s
|
||||
2cH6ado+SZDbV2agrcjPri3Bmve36Ed0jLcAA0KcNVOKGfUuY/UR08j/0NbG12ZZ
|
||||
IZACPxtIiRcd97cvPXJIxn60LqvBkiRX9rRWA0se//hkCEbUC/w9YekDzDtKU5vw
|
||||
JdHjdPVX1NZgXOWom9lUFmWTzeTWC81iAG/YNw271yZ5be8RysAhx+u8ql5AuHL3
|
||||
tRsHj1TUbdBINePBvWexL2XdddojjwC3h42N7AvnMNW7ukSxzCog9eGxXmhKkTt9
|
||||
En3pD1oBbG67z5tL
|
||||
-----END CERTIFICATE-----
|
||||
39
AK/openvpn/gw-ckubu/keys/ca.crt
Normal file
39
AK/openvpn/gw-ckubu/keys/ca.crt
Normal file
@ -0,0 +1,39 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIGxjCCBK6gAwIBAgIJALRp90TzgA00MA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEPMA0GA1UEAxMG
|
||||
VlBOLUFLMQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
|
||||
cGVuLmRlMCAXDTE4MDIwNjEyNDAwN1oYDzIwNTAwMjA2MTI0MDA3WjCBnDELMAkG
|
||||
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
|
||||
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMT
|
||||
BlZQTi1BSzEPMA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
|
||||
b3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMNalpNk0cB
|
||||
wPdZemz4r4TIhtRSxZEEg9yhTRo9LdMa6oNo1gpg3/60n9nBtA0cDnllx7Z37PvC
|
||||
Pg4RJksrB2ZYOB3oSo8LoMzlA0lZl4AMKnxau1ZJI8OB9Ia+6uJxBnpwVULsL4sx
|
||||
ds9pHsnXU74UWgdZPAHsfWhogMtk8TsikLFv7P6oxg3fXeVriWP/SUETTWHgSD3x
|
||||
gPsnrcGqlCPcfb/mH5SU+v+ge+iue0BXe/1OZkJDHdj5vLZ4MiUCiVVslX36uqti
|
||||
sI3Jt2OyF9XQwu5wms3ioW3XydpPmbisRuI7qrTdnmT1iVhbk29eQK/yHrXvuuXQ
|
||||
i6PQAirBtMYD8tx5FbMJ6ueDcm0jTVedfHtdkWkBY84bBnecF7ys000fDzJs1YH2
|
||||
SP3cb0KbREG2RE5BE1OgUgg8odbJ7/K+Tp0VKEbJAZCwpaw+qAU9xfH3pDoSX+iD
|
||||
N+SXxnjSpamwGYmx+PGpwIe3RnlEx8XUcMbEBq5grq7aR7tYd5qh1NKTUKleGucD
|
||||
1izZeGLLkh81Gpx+KFXNm7lk3WDx3dqUXc3tJgpZsZJc3VI3UjO5WaYlrdTc6IQs
|
||||
3rD0rOGrETI/utLQI9PNFSis00h2LmcPVnEL0N/W71kHeOuytr1Tg1FyFGY7Wbth
|
||||
bei4c14kNkVUk1Ncfl07pMR+/i9yee3DAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQU
|
||||
EHXXKayMfThSNCInVWJK275Iub8wgdEGA1UdIwSByTCBxoAUEHXXKayMfThSNCIn
|
||||
VWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkTBlZQTiBBSzEd
|
||||
MBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84ANNDAMBgNVHRME
|
||||
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBIgCBt6v6t2HSqwkLKjgR1c2cDViPe
|
||||
WmX8E8maqaDIUopyvNzsZCXjqZ1RNnIHgFKZyZqXSzXRGHbUiohJ4WkkOy+QV64L
|
||||
/LUizsZkMJasjYQgcDcXu5sN9mIzGW6C5myjwtSYBWITPxLsedOQLIhYulLrCBa0
|
||||
A/gs/gfODm0opsCOuvQn33psUyLda/k9BE/9EHmOg37IRh/rQi3dyQaW2DGfCgZc
|
||||
GSIMsxobp4QbdUTJyyIoJW/ZK20Mam+IWNhptqCX/SXlx0pzakkdAulwMtUCPwyD
|
||||
8IJEy5ST+qBoctg1mSLts14ZYM63NRYKPfnSUN1JfQE5Sl624c8koVJcKjFnPdII
|
||||
cFwo9R+SQFDfTva/xRC8Ydwp1C8V+wnXtM9B1aigule5MXe8CQE4PZjG1Bh7992x
|
||||
GcKGBCWR/8JmfipvH4EJ9brS4ZsQ5snfJImBtmmVxSjXn1aE77UYNEp8GF2vW8CV
|
||||
7j+neVQtQdA16tXYH4bWy4MCpVCuoBj2ffTkN/5cp9xWHt9D1w73LxXHMEWoQojF
|
||||
cOeUda1VSwR17SiEy/lo3mRnWoT6AzLVwYzVQg0W8dc9wPcJ2EiVzQu6ccs2gIJV
|
||||
RtdV9iX+oAkwK3/lPB68LvfMEw3Qcy3OY9DmjZNajlv8HCTirBuGNaUwR6pZGqiG
|
||||
JN2zjAizahwZgQ==
|
||||
-----END CERTIFICATE-----
|
||||
52
AK/openvpn/gw-ckubu/keys/ca.key
Normal file
52
AK/openvpn/gw-ckubu/keys/ca.key
Normal file
@ -0,0 +1,52 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDjDWpaTZNHAcD3
|
||||
WXps+K+EyIbUUsWRBIPcoU0aPS3TGuqDaNYKYN/+tJ/ZwbQNHA55Zce2d+z7wj4O
|
||||
ESZLKwdmWDgd6EqPC6DM5QNJWZeADCp8WrtWSSPDgfSGvuricQZ6cFVC7C+LMXbP
|
||||
aR7J11O+FFoHWTwB7H1oaIDLZPE7IpCxb+z+qMYN313la4lj/0lBE01h4Eg98YD7
|
||||
J63BqpQj3H2/5h+UlPr/oHvorntAV3v9TmZCQx3Y+by2eDIlAolVbJV9+rqrYrCN
|
||||
ybdjshfV0MLucJrN4qFt18naT5m4rEbiO6q03Z5k9YlYW5NvXkCv8h6177rl0Iuj
|
||||
0AIqwbTGA/LceRWzCerng3JtI01XnXx7XZFpAWPOGwZ3nBe8rNNNHw8ybNWB9kj9
|
||||
3G9Cm0RBtkROQRNToFIIPKHWye/yvk6dFShGyQGQsKWsPqgFPcXx96Q6El/ogzfk
|
||||
l8Z40qWpsBmJsfjxqcCHt0Z5RMfF1HDGxAauYK6u2ke7WHeaodTSk1CpXhrnA9Ys
|
||||
2Xhiy5IfNRqcfihVzZu5ZN1g8d3alF3N7SYKWbGSXN1SN1IzuVmmJa3U3OiELN6w
|
||||
9KzhqxEyP7rS0CPTzRUorNNIdi5nD1ZxC9Df1u9ZB3jrsra9U4NRchRmO1m7YW3o
|
||||
uHNeJDZFVJNTXH5dO6TEfv4vcnntwwIDAQABAoICAQCAYVWBOdvMinFRaoaOlw6n
|
||||
Rbr20tZi6OqmFY5DB9ShSNbQ9rYPqDb/DaJUvfHQd8y3V5VU1vpoX6w2x/ufBPVq
|
||||
KPeR8YY225xQPi1djArdnANpzOOgJjrSkOhySAEHiGDhWiLbdDBtw8op/IYsGlR/
|
||||
ZYKCJTKI4+8E2hH471p21VR6/45Bb6yMq3+r+OH2aKJC6WcXsHkojSUg3Y6hspGQ
|
||||
tVtk5fl1SceiQlvNdNq7xruUvn+Td9+oj4zkn5G623RLmNnuIZbq0SKDCUtoU4qm
|
||||
myOdLo5ZW4trUFgR2HBSuxZZVONw4N5ut2axTxZOIjzxPzWeKa7Dwucx+KtBAcX0
|
||||
IBykYOrlwTQfaOI+yNCB+u6RqC3prURtx73eEvVUOKMbhSc/lSFvex6vgQ5xW4iF
|
||||
5gdeiR+Fwu3NQqGBR1auXNjBLtTiKBaYZ0jCNliw4AEnu92Mb0tZbH5xFyC+NmKt
|
||||
qV75/fpolDN9Yx6d8onhWSWnAeTn+3oDupd/vQ5HbnYLP0rhfyIciAYfOW70Fv1E
|
||||
2H9FhDDnvmiZqGQKw/7s/ngdQTEs56y2lIbplzVSCjGKX4lrYYKV9yLM9qJ/UoAb
|
||||
j74ww1olFW40lA1rNTSA7zCL7+pwuK2iN5nHOMjHXkzyfxOM+vwLk52ZS27kBFfb
|
||||
FQ0KVo8NHZvl61yDr/HcAQKCAQEA9HBG7FJT4w16tC2ghfYVYPs/sWvpbDY8bSus
|
||||
rgQvuiktRsnc6GgGQtboJDaPfl9fhmd3DDg4RC2dppbAApS6hYMB8qNppElt40nx
|
||||
Tf39nZIOEKfUB6HMzzjomWBYXrxhai2U7o1wqR1Xs2w0+KjlxeWGzN9wNGdXAbDe
|
||||
rqXrcxPp/YmheLggiQXd1Xe95Ien1zFx91CEBeKBulRhNrtfFOPNZTlJ03gRImjV
|
||||
s/46TPqlJflr8FiUdbyx03++10fQkFRE3pvh/zI7ZfWUKa4+191Wm1Dv9yC3+QAu
|
||||
3A8zniWg7/eK1jJpjp5NbVGaF0QQwBi/moPwLpqX+9ISaLkdqwKCAQEA7cqfSzh+
|
||||
PTxCmxWogPAqSBt0HALjUadpzWMnOKoM2fbq86ocEFvEA9FK/9zT+8aWQldIR+Gi
|
||||
3AHRRUAedIKkMMmhRbzmAdcVHEXHU4SeclEEpC+hM0FdMkieHFdjf58yFTLlh8+a
|
||||
i7fYwcewgOcHKlm6m4w0ON2tQhKzZvV3fsxym19X2r/gRmbOzDHZee7cd4bNpy+A
|
||||
iphVLBk50SzBX9QB51PlDOadhE9cB1CYJ9B+AcdYtdx8XBoCfbK7cTFopmE+yhrl
|
||||
+toDz3lX34PDKWzByW/LYEK6AFnLvjniwEd3Y5AsNOXWW5ck9UzElLZMlmmPFyLb
|
||||
Rx587piOI+loSQKCAQEA3JNQvMJR5orsVhjySNBWXGx8/lp1ieurPYxyx5kJhIDR
|
||||
1ZYlHSd5tuj9FGiTtiLULZHCEKnOxF8xavmQDQQvCHm+0Th7BQAqBDdeY9W1/XGl
|
||||
9YusvrJYAgrFglo5hEuT0F+PjHDf4AuVb1hOuLCYn6rOqKNcOj2ieukjGRCqVe77
|
||||
cIm4xxnIaj17/7yNA+MSJxL8V4M1j6XlEMJB80TDuTMTzqsSnpwzQgy+Ay1/aKWp
|
||||
T4oyx/D3DwOWqFcXXGb2orcYapTaLBIlHY2tBKuzE9Is6/zufd/tg+mRX4zsNGKa
|
||||
RtDnXQCi1kqtbd98IFCQmPf8Nq+mljd0vI3FhPC+/wKCAQEAkyBMIPlqOi8fst7a
|
||||
rDRspMK/u1kaFvpzXw3bRZcJbo703iBBTunIROho9BhI3L4JWDCy2y7DWkaRmbxL
|
||||
W6E9P6ZxbzmqQjc2q5CM/KLQekCgk4mYvqLRq/v8P+LeACeakD02gSo1H/93UKZi
|
||||
Ec9fwpdT+0vrP8gAnCH/+FMmRUDwJCwAqqsPc9/GUdcCDQx6QkYY1jlw2c/Y2vkc
|
||||
qcx8NPNy3hMtZCcIDMYhVbFLA09ft3AE9jjehQnewrEkgqukaVU/yUKNSwE7XFJi
|
||||
yTu4M9hDqoPOHNgMR41Hn4InRvqw5txcTbprP64rws5lzvFgP6w+SX1amQ1HFUU0
|
||||
pQmUaQKCAQBYUJ2kMy3bR7RjLl0oAnpXmcPWXk+SlVPj31sxapOAenz307I1oM9v
|
||||
LQCgIybzrD89N3h/O0bX72Y4FOJcPoh0uOGANLqX4WWY2wR+LOeP5NxOErf+/3WP
|
||||
YQE9e7iNwZk7Ry38yw46tG51Dljx8iQhmob43RZvjZvm6QZrXYQbNNsEIw/zq2fl
|
||||
Gs1tMMQf2Y01WRXtFYQ7TeAPc5T1jYcDz2eLt4WCL3Lb9lUWoC0mCy7FhKy7Dt+2
|
||||
WXe5GaTy/o49Cg2MwTkome3Cy4HyDFVBetAvjD7d8/b+XZkwKVo68Rmd8YtcEEXg
|
||||
Jp649vsetKoo2N2qc9eBZi5ZLagTDqqw
|
||||
-----END PRIVATE KEY-----
|
||||
1
AK/openvpn/gw-ckubu/keys/crl.pem
Symbolic link
1
AK/openvpn/gw-ckubu/keys/crl.pem
Symbolic link
@ -0,0 +1 @@
|
||||
../crl.pem
|
||||
13
AK/openvpn/gw-ckubu/keys/dh4096.pem
Normal file
13
AK/openvpn/gw-ckubu/keys/dh4096.pem
Normal file
@ -0,0 +1,13 @@
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIICCAKCAgEAyDMZgIXRmjastcz0cYwyb1JhrpcrE0RCzHtlq+J4L53bBukEzfKD
|
||||
/BJVRJ4PdKpWQJMbz+D/5WVSU8Br82G8tyys9Ba0eZ+58dhxBLyNo6NGXQ7DluQ4
|
||||
TZZvtm/fUTyU2fZfzwGQLAN3NBgP9jIMdOYwa8BA4WvTXzAf1bcuhiy3wXAfxQAV
|
||||
WJMhp8yY3hSq9KnemqS/AuZgueoVhP6StOX/tujmhIsoC0qn1BoHIwt7UH+llUnL
|
||||
6J+Evbffp+buMDNzmaqL+jbbgSdwYBFKmFeuF8V4hjJ7FZ9p0tOsom8Sg2+sBwfK
|
||||
0c+ZaBoC29PYBvXuMlECKCOiqarmCjhXKnVu32QnOTOLb51LqpCdBkdZupYvN1fF
|
||||
Mm8SkdPRwXYzp6r9NhGgroi1mcs6p6GoT1CzgMrTn0aa28C5bzbfOgHKCHbpPjvc
|
||||
yQFfG1iynp3uBpGa5MUPIL5ydpNl+HKi/iOonXu1zynd4fiszvw7DF8AJirx1O0l
|
||||
YGIpYfXAoledPfMFQq6yTQea+rNhP19V/9ToVdwIdqj1CUN0LvGZbZiZWddfuJrK
|
||||
FxJGyF5ntt7TXkmUpQsVibgVJR7EVxzc/7byywjx265v/f0GdKgpYH03NkhhDJxd
|
||||
kfypAH8jTiKCTEkZpyMPT1RwVYyjp/Z1UjmohFRTvvdGVLXRLP6T9HMCAQI=
|
||||
-----END DH PARAMETERS-----
|
||||
139
AK/openvpn/gw-ckubu/keys/gw-ckubu.crt
Normal file
139
AK/openvpn/gw-ckubu/keys/gw-ckubu.crt
Normal file
@ -0,0 +1,139 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2 (0x2)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Validity
|
||||
Not Before: Feb 6 13:36:54 2018 GMT
|
||||
Not After : Feb 6 13:36:54 2038 GMT
|
||||
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK-gw-ckubu/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
Modulus:
|
||||
00:d6:22:57:44:2b:27:86:b9:30:be:bb:d6:83:5d:
|
||||
7e:b4:0c:bc:f6:e6:16:5d:2b:79:94:3c:41:57:0b:
|
||||
aa:a1:31:1a:72:68:67:85:f3:93:f7:21:03:43:2b:
|
||||
35:8d:29:bc:bb:81:44:4f:65:14:cc:8f:60:48:d6:
|
||||
05:8a:06:27:2a:85:63:8c:a2:b1:1a:d9:4a:d8:1b:
|
||||
7d:aa:0b:b7:e9:69:5f:ce:59:ea:36:22:af:50:ed:
|
||||
9a:1e:7c:4d:c1:13:6f:23:b6:f8:60:8d:bf:ba:4d:
|
||||
d5:81:90:00:41:d1:f8:0e:24:74:ac:54:83:36:60:
|
||||
4a:ca:f3:10:28:fe:a2:c7:57:72:e3:ea:e2:00:22:
|
||||
0f:db:69:ff:6e:5b:44:a7:d2:a6:62:4a:14:e5:7a:
|
||||
26:4b:e0:cc:16:a7:79:c2:f0:ad:fc:0d:7c:9f:7c:
|
||||
79:22:3c:35:67:c1:06:cf:b6:02:cc:ca:86:ae:dd:
|
||||
87:03:ec:d1:2f:ca:f4:77:ff:c3:4b:72:9f:1e:b6:
|
||||
47:fb:9a:ab:ae:b6:e5:8f:c6:87:c9:db:e4:94:bc:
|
||||
43:aa:a9:fe:66:06:f1:28:84:63:38:9f:83:5c:6d:
|
||||
cc:6c:6b:e4:e2:06:94:8f:ff:9f:47:99:df:a0:10:
|
||||
f1:23:19:40:db:09:fe:85:70:17:bf:aa:ff:79:54:
|
||||
8f:3e:ce:a4:1a:a6:0b:34:9b:30:f2:a8:ed:b8:6f:
|
||||
3d:3e:08:32:86:4b:8d:b0:2a:0e:2d:8f:c9:be:d5:
|
||||
cc:47:36:9d:73:3d:d1:21:2e:67:9f:04:1e:12:82:
|
||||
c3:b6:7f:84:f4:d6:d0:96:b8:fd:5f:22:98:6f:30:
|
||||
96:d8:43:09:00:da:0d:98:7b:02:5b:f2:19:d1:a2:
|
||||
a1:77:b0:bb:94:c3:71:69:81:80:44:0b:2c:36:8f:
|
||||
ab:81:45:e3:d5:b5:1b:25:00:69:1d:93:89:8f:80:
|
||||
19:57:db:a6:d5:83:38:79:ff:6f:f6:16:f4:b2:56:
|
||||
28:94:7c:3a:61:2d:72:b3:75:2b:df:cf:bf:d3:4e:
|
||||
60:54:5b:51:75:a1:50:2e:c5:17:bc:b6:af:08:02:
|
||||
c9:46:e5:9f:16:fe:a4:e9:5a:7f:1f:20:e5:46:2c:
|
||||
0b:de:40:c2:b3:2f:ae:97:e9:65:f4:30:b8:da:b3:
|
||||
1b:eb:2e:d6:c4:09:ca:ee:53:7a:23:99:96:2e:42:
|
||||
fb:69:66:38:42:3f:45:6b:e3:9e:6a:f1:b0:79:24:
|
||||
98:39:a1:33:18:78:4d:ba:54:3d:a4:8b:30:f5:fd:
|
||||
d7:10:a1:a1:d5:78:52:a2:3a:4a:84:73:38:d3:0b:
|
||||
93:98:63:30:6f:9d:c6:85:7e:63:07:75:0f:8a:33:
|
||||
1d:6e:01
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
Netscape Comment:
|
||||
Easy-RSA Generated Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
05:82:E8:D6:6B:71:33:58:DB:DE:88:05:FB:52:84:BD:F3:4D:64:3A
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:10:75:D7:29:AC:8C:7D:38:52:34:22:27:55:62:4A:DB:BE:48:B9:BF
|
||||
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
serial:B4:69:F7:44:F3:80:0D:34
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:gw-ckubu
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
77:b5:36:f4:d3:00:4d:f6:47:38:c5:c9:46:73:ef:6b:2e:11:
|
||||
5a:e4:38:28:67:6e:d9:68:91:f8:5e:9d:c7:ce:67:ed:b8:d6:
|
||||
33:2c:c2:98:39:69:00:c0:da:36:3e:96:61:10:5b:9b:4a:e0:
|
||||
df:b6:86:09:53:14:73:38:81:6e:1b:df:ad:9b:ac:91:44:7b:
|
||||
47:c2:32:5d:eb:fd:ca:9d:99:96:c3:35:74:a6:f7:14:7b:a5:
|
||||
2a:08:5a:df:f6:be:8e:2e:71:94:33:40:4a:8d:e8:25:c0:d3:
|
||||
fa:ce:c7:ce:32:3c:38:fe:50:51:ea:be:83:80:01:46:dd:05:
|
||||
93:96:a9:9e:10:f9:09:e2:e5:8e:10:99:4b:06:59:aa:0a:dc:
|
||||
b0:29:29:21:1d:7c:dc:62:29:99:0d:67:a8:e8:5a:48:c9:88:
|
||||
4e:39:a5:d6:1d:e6:a7:94:47:5a:65:8b:13:61:97:97:48:4c:
|
||||
7d:15:7d:e3:3e:f3:92:17:4b:ac:bd:4e:6e:24:6f:ab:5b:2c:
|
||||
f3:bb:28:fb:bd:bc:5f:fb:50:3d:3e:67:ec:cc:84:0f:27:0e:
|
||||
ee:02:8d:0b:4d:dd:a4:aa:e8:76:b3:8b:5e:e5:0d:b8:e9:60:
|
||||
45:a2:77:62:d0:d0:4a:6f:87:47:3c:3c:77:1d:37:3a:5f:df:
|
||||
7e:37:ff:e7:ee:9f:ea:87:c4:a7:04:33:fe:c1:cf:21:ed:55:
|
||||
aa:8f:31:1a:8b:20:c5:71:e3:e8:c0:37:69:3d:2e:3e:e8:b3:
|
||||
0c:d3:65:ae:76:e8:6f:39:91:2b:5f:c1:9e:44:ce:e1:d9:fb:
|
||||
9d:ec:d9:c1:fa:69:da:3e:49:90:db:57:66:a0:ad:c8:cf:ae:
|
||||
2d:c1:9a:f7:b7:e8:47:74:8c:b7:00:03:42:9c:35:53:8a:19:
|
||||
f5:2e:63:f5:11:d3:c8:ff:d0:d6:c6:d7:66:59:21:90:02:3f:
|
||||
1b:48:89:17:1d:f7:b7:2f:3d:72:48:c6:7e:b4:2e:ab:c1:92:
|
||||
24:57:f6:b4:56:03:4b:1e:ff:f8:64:08:46:d4:0b:fc:3d:61:
|
||||
e9:03:cc:3b:4a:53:9b:f0:25:d1:e3:74:f5:57:d4:d6:60:5c:
|
||||
e5:a8:9b:d9:54:16:65:93:cd:e4:d6:0b:cd:62:00:6f:d8:37:
|
||||
0d:bb:d7:26:79:6d:ef:11:ca:c0:21:c7:eb:bc:aa:5e:40:b8:
|
||||
72:f7:b5:1b:07:8f:54:d4:6d:d0:48:35:e3:c1:bd:67:b1:2f:
|
||||
65:dd:75:da:23:8f:00:b7:87:8d:8d:ec:0b:e7:30:d5:bb:ba:
|
||||
44:b1:cc:2a:20:f5:e1:b1:5e:68:4a:91:3b:7d:12:7d:e9:0f:
|
||||
5a:01:6c:6e:bb:cf:9b:4b
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
|
||||
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
|
||||
Fw0xODAyMDYxMzM2NTRaFw0zODAyMDYxMzM2NTRaMIGlMQswCQYDVQQGEwJERTEP
|
||||
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
|
||||
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMPVlBOLUFLLWd3
|
||||
LWNrdWJ1MQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
|
||||
cGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1iJXRCsnhrkw
|
||||
vrvWg11+tAy89uYWXSt5lDxBVwuqoTEacmhnhfOT9yEDQys1jSm8u4FET2UUzI9g
|
||||
SNYFigYnKoVjjKKxGtlK2Bt9qgu36WlfzlnqNiKvUO2aHnxNwRNvI7b4YI2/uk3V
|
||||
gZAAQdH4DiR0rFSDNmBKyvMQKP6ix1dy4+riACIP22n/bltEp9KmYkoU5XomS+DM
|
||||
Fqd5wvCt/A18n3x5Ijw1Z8EGz7YCzMqGrt2HA+zRL8r0d//DS3KfHrZH+5qrrrbl
|
||||
j8aHydvklLxDqqn+ZgbxKIRjOJ+DXG3MbGvk4gaUj/+fR5nfoBDxIxlA2wn+hXAX
|
||||
v6r/eVSPPs6kGqYLNJsw8qjtuG89PggyhkuNsCoOLY/JvtXMRzadcz3RIS5nnwQe
|
||||
EoLDtn+E9NbQlrj9XyKYbzCW2EMJANoNmHsCW/IZ0aKhd7C7lMNxaYGARAssNo+r
|
||||
gUXj1bUbJQBpHZOJj4AZV9um1YM4ef9v9hb0slYolHw6YS1ys3Ur38+/005gVFtR
|
||||
daFQLsUXvLavCALJRuWfFv6k6Vp/HyDlRiwL3kDCsy+ul+ll9DC42rMb6y7WxAnK
|
||||
7lN6I5mWLkL7aWY4Qj9Fa+OeavGweSSYOaEzGHhNulQ9pIsw9f3XEKGh1XhSojpK
|
||||
hHM40wuTmGMwb53GhX5jB3UPijMdbgECAwEAAaOCAWgwggFkMAkGA1UdEwQCMAAw
|
||||
LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
|
||||
BgNVHQ4EFgQUBYLo1mtxM1jb3ogF+1KEvfNNZDowgdEGA1UdIwSByTCBxoAUEHXX
|
||||
KayMfThSNCInVWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
|
||||
EwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYD
|
||||
VQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkT
|
||||
BlZQTiBBSzEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84AN
|
||||
NDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoII
|
||||
Z3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAHe1NvTTAE32RzjFyUZz72suEVrk
|
||||
OChnbtlokfhencfOZ+241jMswpg5aQDA2jY+lmEQW5tK4N+2hglTFHM4gW4b362b
|
||||
rJFEe0fCMl3r/cqdmZbDNXSm9xR7pSoIWt/2vo4ucZQzQEqN6CXA0/rOx84yPDj+
|
||||
UFHqvoOAAUbdBZOWqZ4Q+Qni5Y4QmUsGWaoK3LApKSEdfNxiKZkNZ6joWkjJiE45
|
||||
pdYd5qeUR1plixNhl5dITH0VfeM+85IXS6y9Tm4kb6tbLPO7KPu9vF/7UD0+Z+zM
|
||||
hA8nDu4CjQtN3aSq6Hazi17lDbjpYEWid2LQ0Epvh0c8PHcdNzpf3343/+fun+qH
|
||||
xKcEM/7BzyHtVaqPMRqLIMVx4+jAN2k9Lj7oswzTZa526G85kStfwZ5EzuHZ+53s
|
||||
2cH6ado+SZDbV2agrcjPri3Bmve36Ed0jLcAA0KcNVOKGfUuY/UR08j/0NbG12ZZ
|
||||
IZACPxtIiRcd97cvPXJIxn60LqvBkiRX9rRWA0se//hkCEbUC/w9YekDzDtKU5vw
|
||||
JdHjdPVX1NZgXOWom9lUFmWTzeTWC81iAG/YNw271yZ5be8RysAhx+u8ql5AuHL3
|
||||
tRsHj1TUbdBINePBvWexL2XdddojjwC3h42N7AvnMNW7ukSxzCog9eGxXmhKkTt9
|
||||
En3pD1oBbG67z5tL
|
||||
-----END CERTIFICATE-----
|
||||
29
AK/openvpn/gw-ckubu/keys/gw-ckubu.csr
Normal file
29
AK/openvpn/gw-ckubu/keys/gw-ckubu.csr
Normal file
@ -0,0 +1,29 @@
|
||||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIE6zCCAtMCAQAwgaUxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
|
||||
BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3b3Jr
|
||||
IFNlcnZpY2VzMRgwFgYDVQQDEw9WUE4tQUstZ3ctY2t1YnUxDzANBgNVBCkTBlZQ
|
||||
TiBBSzEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwggIiMA0GCSqGSIb3
|
||||
DQEBAQUAA4ICDwAwggIKAoICAQDWIldEKyeGuTC+u9aDXX60DLz25hZdK3mUPEFX
|
||||
C6qhMRpyaGeF85P3IQNDKzWNKby7gURPZRTMj2BI1gWKBicqhWOMorEa2UrYG32q
|
||||
C7fpaV/OWeo2Iq9Q7ZoefE3BE28jtvhgjb+6TdWBkABB0fgOJHSsVIM2YErK8xAo
|
||||
/qLHV3Lj6uIAIg/baf9uW0Sn0qZiShTleiZL4MwWp3nC8K38DXyffHkiPDVnwQbP
|
||||
tgLMyoau3YcD7NEvyvR3/8NLcp8etkf7mquutuWPxofJ2+SUvEOqqf5mBvEohGM4
|
||||
n4Ncbcxsa+TiBpSP/59Hmd+gEPEjGUDbCf6FcBe/qv95VI8+zqQapgs0mzDyqO24
|
||||
bz0+CDKGS42wKg4tj8m+1cxHNp1zPdEhLmefBB4SgsO2f4T01tCWuP1fIphvMJbY
|
||||
QwkA2g2YewJb8hnRoqF3sLuUw3FpgYBECyw2j6uBRePVtRslAGkdk4mPgBlX26bV
|
||||
gzh5/2/2FvSyViiUfDphLXKzdSvfz7/TTmBUW1F1oVAuxRe8tq8IAslG5Z8W/qTp
|
||||
Wn8fIOVGLAveQMKzL66X6WX0MLjasxvrLtbECcruU3ojmZYuQvtpZjhCP0Vr455q
|
||||
8bB5JJg5oTMYeE26VD2kizD1/dcQoaHVeFKiOkqEczjTC5OYYzBvncaFfmMHdQ+K
|
||||
Mx1uAQIDAQABoAAwDQYJKoZIhvcNAQELBQADggIBABfDR6XX9PyMssjRv+hUUEUZ
|
||||
ixinvBHgziFQ4ZyFqz+hNfAmvX0qUT6VwJasIY6ajCH05lKTY+lrBoNEFfqL0yyV
|
||||
azYHhhDqe0HDMW+F0uzs4gC4eIEk7TDzctPtgr3HdpVICeWCv1gGZHkO6dYLiYV2
|
||||
YrIbSN2axQzzpFxRLEPrdUtxKEuECwPV3+xxdSIZsXXvLJpJamW5/Jd1A5yFzvCm
|
||||
esAucNcblF76Rz15MXQ7lnSEPKu+OlabezsjjUoSV9n1UHBQrxYyuaOP6WBRjwd3
|
||||
bUED7fQsRbd9SzADfcUEXrSzkrDUyDSxLPCcSzuPC/juT/FfM/DtRN437/lpNwm6
|
||||
vPzOwyPqDvgNUL6St84y695Ivl/kVwMAq8Rmbldj1fmEfz9vzlbjjjeS+4tyNHfr
|
||||
8SpzUtG+SBAzzLPizAo8WiMJqh565YdVwgthmpg8u0ZrBVoDCgcP7dkJ5xDHI3M2
|
||||
MwddoncLd2qwF6fJ0wWs5sv9ydjRkF4oSjcI1xtobJnBnIlDweALdqvspwPmKPMe
|
||||
yfZrW8DbU/MRgfAK85e1ChUTL+mBB/nX2/1xQUb9ltZn7Q9divdAAUFE5ogRngX0
|
||||
fkN6SZ2vp7rm7CA3X5Z+ynbolZOFfRaj0h42PvE4ja6Zbcg0PNgx1R6BH9ggDjlR
|
||||
V40gst/0d+nEcC9u2Wx6
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
54
AK/openvpn/gw-ckubu/keys/gw-ckubu.key
Normal file
54
AK/openvpn/gw-ckubu/keys/gw-ckubu.key
Normal file
@ -0,0 +1,54 @@
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI62QkbYGv0EYCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM5hsq05gmbkBIIJSJV6xZtsAe56
|
||||
teLN4Bl1fR+qUAfmKm3q94RgI1f9Rc4MpBf64b61IgkVWnQ4ec4CAPnhe2FeUExh
|
||||
HGRoeBWR88WaTgNBo6+VUhTCYPAelLvGjhG9TUjn4sigSU3/nQos9NTEMiZjv4+j
|
||||
zQxhAxcdjWHOtUkScKz9EDAmU5EAais87VSg4a0AORgHNp88SOdTf56EqzZ5nh06
|
||||
NQwiUN4zlrTs2X3mnL9Xx9OPqkha4Ij2efr7eKN9Oex/IpQndH/5AUpNcjfn1sQw
|
||||
pokSOQK85AulhRVD9BMD+PTVsOy7xIrQkusv80NsZyqdCAGZLaRzw1aQv5tTLsD+
|
||||
pukAzv8rdaFX+k3+Pa3IZbjDGibPTw6Jy+2RY1XEOn7KD/PaULhWnNqioWG93Prh
|
||||
ShsAYUeAJaAmiY61D5ORiHVw0D3lUwBjuENd8AQ+y6ofIpdMnsJGzyfomswxSpz9
|
||||
CjwXUgdd99A+eeS/IDzDVECeAM0X/ugJ/gILa3ntK/DVVjap5UfCch6wpYnCYoIc
|
||||
p3aRYc5TeMR1U1DDrWt9c/4hB22dn5On0mSyC0K/eYdFYqZq+jDCNkMbvGRqFfCl
|
||||
qUP+SO+h6miAjakBymIZ/X4i82PucHqC+HXvcYbY4LttKEsztl+WcK8qXWxhgljv
|
||||
8dJLEqD6l4FmcdP1CCIpnMnYmjJLVmOVxhusWnSsbj9se55nL+mjtOCdWCMlAMr1
|
||||
06sz34Ujq1lfsB7nn+z7O+1ZuMU3qcgPigHXQYJRwpD+eCCUsKbKAPvCHqZxjtOR
|
||||
k9eDTQvJMsHFA0TCQ1sMPFhuMAkH+ZhW5Fn1Qguc52aG5oT+ABjhvtN1qKQhhu88
|
||||
AwfAPME60+1rmUwu75OZ22lDBVCmqu1MHQEtI7QoJqIXP9fY8bZk9XjgrqzYeQqV
|
||||
ls5DVJ48uY9BoMHYNFCwnSVmMFHIVPySSjZNN7LoEICevbr1iL3la8BtGaEFPo6V
|
||||
0u+xZMDB8uRoX4sc/yBavu85FWUEKP3P/IZ0Q7qhVd27Y+gZqGqm4HZ6SWMNx3qv
|
||||
zNfnfx8ChYWhMbZOAuurEJ/ge0lN5pHJQYPaHJ7J5UIXHclAXPKUJXiSam6XiIyo
|
||||
NAlxHvHItk5xnvgqq0m5jRkyhU+LcPplee7AIFptpk1Snrxv7weofqrUrRP0XPMr
|
||||
YUxQHbqq+P1XDJQzS/fk/CE3hvwoIPTcnsazvaymaMCN4f+yAIkIur26FoN1Egz0
|
||||
ed9zMuE/Q+Uy2wctVDf7ckcAvUJVmQO8ZeM81JO8qak424so9K+VK/1c5+nmwPx+
|
||||
HbzSzGCLvT/AsAsgAWuSnqSpfNkK78YHsZ0166CZgsuUxbr2QncU88m4u+nxvPhV
|
||||
88MTibkCopYa0fLgrdmM0KbgY0wCGBmMIgrSd77kKuKZuqtKKPvPClK8XeI5I1Kg
|
||||
vaeZslPTCFJQAmABLcbtZi5GejUlh3zxPXWwr0xHWt9QMxqXIbKz9w98ZVxB6JgG
|
||||
dc2eXN6Y53GWS2rPMCj57JnJzSOY7cH3mUcEAn8sZj3tfnhvjyjrLoVW6DS9DxH6
|
||||
+hrYeEH2SB4VFo9LAkQf8nXGmf6Drc2CuHBggdL6E7eiqJwpFxJyWZF9cAyUIKNY
|
||||
3QGe01nD7/FJ2OdQ3TewwJdO6VM9MCacCg5Tu3CCaBn/ROMDeJ6waxCAaWC0a3ye
|
||||
/qF72uUPBnGmepCL8UNty5EHGJEQdLsFUqcz6esBd5QsJQFd4a6Dj+6dygHA5pFS
|
||||
imsM3CvEucQLinv14T2MlSfEHGKG838XcNz45z55C6LRWmDo8YhGJpyWLTRanOPO
|
||||
YgzRW64jjoowmCOYN+dHMu2N8TuHJaGtNywwzJS/hAmGywn8nQjm2hBBgmzbP4Z9
|
||||
mv/j3sym/S43HLgoxFXdyy+A4mWhC6DYyqctC5stUb7LWhDDH1q3/vIpbGzNOlIU
|
||||
64RU7tnb73tfNAvP27wok1Y5QulkrcgmGhT1mEXC2Dmd6UNU53cPKC2L9mSYwpLY
|
||||
oI0S5LrNfvcJbv1T+Q+6tl4JOviv9c1pxHrGU5QiUC9iWHQAqABewDQcvZHCgkv3
|
||||
n1GU2n/Cw3FJN5VKZvsEsL3uLt0iPNsq+gXt1O1+72vnsU9WGb3cLpei+69NaWC2
|
||||
Y1eYROJUwvISYh5Fj3AbQHkeaoMBnlD65MtCC27e4wQ08f1WK9yqD9RuF0/AyoMq
|
||||
eKuacUkDdRsGtv/EPw+2Y4TVZU8NCx/bklwzfti9d5Gvl13dVKH2rNxNzfU2uwN9
|
||||
VMylBtSPKy0M7mIneZmpAFRDUzcVAV/+1u8khfWG0L6AX9jD3m/9/kKZIsVRuxLP
|
||||
RW8OcSkZ38Y8LachhEToEyr1s0iPWOa2Uo6/nPpBswk8yI5CGETSvsL0+imcnykU
|
||||
GJJGLNRg8QZRAXzB/CadLZ2YLSp+VbwY1RI9MUnOIQy4nDJYmqtrlFtFlbkgYign
|
||||
eI6NycS8iTSQkGJHJCxftPW5HU/rOFoVmDkdpZ8lMBJsjqsrWxuMhZdYhd12SYRz
|
||||
c8MUarMyTCNYOA/U3avP3wcMWlIBGXnDhCSJWuP4TgekL8YeXIZlpqfLNSbjjzjK
|
||||
Qjr1QWrFcheKFtcN+RwxjmEH9VIx/Gl+j39GKjuVE6qFv8ydf5pO6hNlpUhdPwbw
|
||||
AfnY26813nPRQszCSKXgT6ZzLExlOdGEtcsLdVgNhqTG/YLSOWOzLogqbbIGBXrP
|
||||
iDenjXgL+KWWVx68rLIkX6uXp7ECyJuIzHdA4rz4BJ2E8N07RWIB4UIJqDkb+SmB
|
||||
uBjHA/lnnF1NgTaF1YfGTBYJBh9A5De0lWs7f/4FBuQ6cudLHw1TWFzXNYrBUvIi
|
||||
JVi3wm1MZYiLz5uWvf4hqS6kuxtHlkxmZeOjawxyNAaESesM3LiuGNa4wlAdLqrb
|
||||
Re9jzz6n7OyL+7NEjpDgxS7kx2UjgZfrH3+FhGAGJaaqfeC1Gz21jXNc4S+zHxP2
|
||||
Qt3/qm027TN1TARpTxDK4eGRFgOLyDbb+8aeaywjcqUWRN5tWutFNavSn/Amgugh
|
||||
mSxJJvyf0WKnh6cbX5mGQFzKiaAqz22IgtcSovZt0K13KR6IExQZW1N2QbpchjWM
|
||||
NFwD7jxGsOPeukul9fpANrZk+qXZqjSX58bEbMax+th1WNpnEqG470FvcJv8z72e
|
||||
6YP6NW+YmJhshYOCv/q6Ng==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
2
AK/openvpn/gw-ckubu/keys/index.txt
Normal file
2
AK/openvpn/gw-ckubu/keys/index.txt
Normal file
@ -0,0 +1,2 @@
|
||||
V 380206133043Z 01 unknown /C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK-server/name=VPN AK/emailAddress=argus@oopen.de
|
||||
V 380206133654Z 02 unknown /C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK-gw-ckubu/name=VPN AK/emailAddress=argus@oopen.de
|
||||
1
AK/openvpn/gw-ckubu/keys/index.txt.attr
Normal file
1
AK/openvpn/gw-ckubu/keys/index.txt.attr
Normal file
@ -0,0 +1 @@
|
||||
unique_subject = yes
|
||||
1
AK/openvpn/gw-ckubu/keys/index.txt.attr.old
Normal file
1
AK/openvpn/gw-ckubu/keys/index.txt.attr.old
Normal file
@ -0,0 +1 @@
|
||||
unique_subject = yes
|
||||
1
AK/openvpn/gw-ckubu/keys/index.txt.old
Normal file
1
AK/openvpn/gw-ckubu/keys/index.txt.old
Normal file
@ -0,0 +1 @@
|
||||
V 380206133043Z 01 unknown /C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK-server/name=VPN AK/emailAddress=argus@oopen.de
|
||||
1
AK/openvpn/gw-ckubu/keys/serial
Normal file
1
AK/openvpn/gw-ckubu/keys/serial
Normal file
@ -0,0 +1 @@
|
||||
03
|
||||
1
AK/openvpn/gw-ckubu/keys/serial.old
Normal file
1
AK/openvpn/gw-ckubu/keys/serial.old
Normal file
@ -0,0 +1 @@
|
||||
02
|
||||
141
AK/openvpn/gw-ckubu/keys/server.crt
Normal file
141
AK/openvpn/gw-ckubu/keys/server.crt
Normal file
@ -0,0 +1,141 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 1 (0x1)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Validity
|
||||
Not Before: Feb 6 13:30:43 2018 GMT
|
||||
Not After : Feb 6 13:30:43 2038 GMT
|
||||
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Network Services, CN=VPN-AK-server/name=VPN AK/emailAddress=argus@oopen.de
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
Modulus:
|
||||
00:d6:54:ff:ed:31:40:93:d3:2e:da:0a:e2:7a:f6:
|
||||
51:83:c6:15:03:62:aa:59:e9:71:20:a3:af:4d:94:
|
||||
30:3e:23:30:18:f2:02:91:03:7a:6c:fe:ea:d2:8f:
|
||||
22:c7:19:10:5c:d2:ea:93:7e:5e:88:7b:9b:db:23:
|
||||
8c:b2:85:d7:d1:b1:ac:8d:3c:59:30:ec:2a:63:b5:
|
||||
56:32:e7:7d:af:bd:0c:05:74:30:a2:7f:42:8c:2b:
|
||||
b3:cc:e2:f2:5f:73:52:d4:27:44:87:1e:fb:c9:a4:
|
||||
0e:0d:1c:f9:b0:b9:dd:49:62:af:c8:1c:9e:7b:70:
|
||||
7c:21:ea:f1:fc:45:45:c6:f0:c8:36:c1:b6:b8:c4:
|
||||
b4:e6:78:45:8e:cb:e9:1e:33:41:f2:20:30:5f:3a:
|
||||
ba:b5:37:67:a1:b7:85:90:1f:19:3f:8b:42:a2:40:
|
||||
02:ba:67:25:92:58:57:dd:cc:af:92:c5:f4:99:a1:
|
||||
7a:f9:1c:cb:4b:4d:66:0c:9f:45:b0:5d:85:df:3d:
|
||||
cc:a9:77:73:d9:a1:ee:bc:d8:ee:8c:cd:91:96:2c:
|
||||
70:fb:4f:f1:cb:3d:90:aa:73:d6:ab:4b:b0:a5:f1:
|
||||
41:a3:f1:ea:8a:f3:20:5f:c1:88:cf:68:66:c3:65:
|
||||
eb:ef:b9:ed:ec:2c:8c:96:b7:eb:70:e5:c3:7b:52:
|
||||
c5:89:40:39:53:a1:ca:fc:84:05:2f:63:d3:5d:67:
|
||||
8d:94:26:1f:a8:fd:ae:9b:4e:64:87:8f:38:76:fc:
|
||||
06:30:49:ff:23:19:d6:a3:06:9d:3f:2b:1e:4f:42:
|
||||
44:6b:66:1f:55:88:19:23:40:9b:01:32:96:22:87:
|
||||
fa:9c:8e:0a:41:6b:e1:cf:a3:68:db:80:e1:5d:86:
|
||||
72:e0:33:0b:cd:30:5e:aa:c7:8a:20:19:0a:6e:2c:
|
||||
c9:01:36:57:bc:2d:c7:95:aa:3f:9c:40:47:e1:34:
|
||||
03:90:d0:9f:11:4e:f3:d4:3c:a9:fe:63:81:db:f0:
|
||||
bd:27:4c:4a:6d:89:a4:95:1a:f1:ed:b8:b8:a2:71:
|
||||
52:91:ff:e0:8b:b6:9e:31:fc:b7:c4:0e:07:84:29:
|
||||
20:79:57:99:5b:7e:5f:be:eb:a2:bb:73:9d:ef:f2:
|
||||
1e:8b:24:c6:86:91:68:cd:71:bd:35:05:d5:9f:cf:
|
||||
e7:5f:b4:9a:2f:12:9c:b5:3f:8a:7f:c7:b0:cf:d7:
|
||||
70:ea:28:63:65:6d:7c:64:ad:06:4d:1d:17:30:ca:
|
||||
0f:54:76:21:90:16:a0:49:0a:87:ae:b3:ff:dd:e0:
|
||||
71:17:0d:71:ee:96:8a:2d:86:14:fb:99:5f:ec:9f:
|
||||
5f:25:79:cf:42:7a:13:0c:66:cc:7a:60:83:43:77:
|
||||
f4:b6:f1
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
Netscape Cert Type:
|
||||
SSL Server
|
||||
Netscape Comment:
|
||||
Easy-RSA Generated Server Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
C6:1E:B3:D8:34:53:70:7C:82:D3:64:78:9C:4C:33:01:71:8A:67:66
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:10:75:D7:29:AC:8C:7D:38:52:34:22:27:55:62:4A:DB:BE:48:B9:BF
|
||||
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Network Services/CN=VPN-AK/name=VPN AK/emailAddress=argus@oopen.de
|
||||
serial:B4:69:F7:44:F3:80:0D:34
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:server
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
91:4a:bc:3a:35:78:e5:e5:66:b6:36:5a:66:0d:da:e3:01:7c:
|
||||
07:be:0e:0e:2e:61:1a:c0:74:90:83:f7:39:8b:2d:0a:06:92:
|
||||
ca:75:d3:ac:a6:94:66:10:41:30:2c:dd:77:c3:12:e0:5c:97:
|
||||
e6:5d:c3:ef:2f:63:65:d0:f7:c3:9f:72:6f:54:07:e8:80:af:
|
||||
35:53:74:6f:4d:ea:33:0a:86:8c:1d:79:f1:22:76:97:f4:43:
|
||||
34:01:0e:8c:79:8e:23:60:67:89:ad:eb:48:4a:d4:50:a7:09:
|
||||
bf:00:ce:d6:d6:6c:e8:f1:06:b0:f9:1c:de:1d:d9:32:2c:8a:
|
||||
02:dd:0f:31:a7:0f:f7:92:e5:f6:7d:37:7f:a8:5f:bc:87:93:
|
||||
4d:58:1a:6b:e0:84:a0:7b:6d:f7:6e:84:e6:94:87:70:59:3a:
|
||||
9d:07:c4:1a:21:96:8c:04:51:e4:f1:01:49:0d:3f:7d:d4:65:
|
||||
5b:ae:dc:40:4b:63:71:0d:ef:bc:e3:f6:ab:11:2c:b8:2f:df:
|
||||
5a:bd:70:21:03:d0:54:b0:3f:ce:70:d4:4e:f2:ec:1d:54:b6:
|
||||
1a:53:ea:e7:2c:82:83:74:98:52:41:0e:4b:cd:03:02:9e:4f:
|
||||
7c:85:45:13:6c:ec:a2:ba:18:ca:62:39:3c:45:f4:83:86:74:
|
||||
77:0c:b4:fb:f7:50:f6:77:a2:91:db:5a:3c:d9:3b:75:2e:3c:
|
||||
8a:68:dd:f3:fe:9a:4c:1a:d6:a6:46:d6:3f:9d:c2:f7:06:0f:
|
||||
4a:5b:9a:de:27:39:a1:e9:19:8a:82:86:de:5f:86:82:f0:cc:
|
||||
5c:47:64:fd:bf:8b:6a:f9:a2:ce:a8:75:12:1a:97:20:01:fa:
|
||||
a3:22:7d:1f:5d:66:09:f0:51:97:ff:e0:b0:89:e4:2b:33:de:
|
||||
c2:7e:86:24:34:28:6f:6a:5b:e7:f4:f8:4f:29:f5:06:9d:26:
|
||||
a5:f4:e6:69:cb:dc:22:e6:3d:ae:65:da:41:f0:23:aa:58:93:
|
||||
38:1e:14:fd:df:6e:af:9b:56:a4:d3:91:b7:33:a2:2d:5e:38:
|
||||
6c:e3:16:de:91:f1:4e:f3:5a:37:1f:a7:6b:d4:97:7f:1e:a9:
|
||||
34:a9:e3:db:38:7c:59:38:aa:c7:08:0b:89:46:42:c5:57:65:
|
||||
a1:26:f2:57:0d:33:d1:25:24:da:b3:f6:2c:ac:b7:71:18:df:
|
||||
20:06:90:89:78:f1:c4:7f:b6:48:78:f4:29:82:01:09:29:9c:
|
||||
21:34:b3:e8:06:71:61:9c:da:34:38:4c:c3:ad:73:15:da:0a:
|
||||
92:51:71:aa:67:87:44:3e:9b:b8:10:aa:06:d2:f6:a0:85:b0:
|
||||
8b:64:1d:68:35:c6:44:00
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIHPjCCBSagAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
|
||||
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
|
||||
Fw0xODAyMDYxMzMwNDNaFw0zODAyMDYxMzMwNDNaMIGjMQswCQYDVQQGEwJERTEP
|
||||
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
|
||||
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEWMBQGA1UEAxMNVlBOLUFLLXNl
|
||||
cnZlcjEPMA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Bl
|
||||
bi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANZU/+0xQJPTLtoK
|
||||
4nr2UYPGFQNiqlnpcSCjr02UMD4jMBjyApEDemz+6tKPIscZEFzS6pN+Xoh7m9sj
|
||||
jLKF19GxrI08WTDsKmO1VjLnfa+9DAV0MKJ/Qowrs8zi8l9zUtQnRIce+8mkDg0c
|
||||
+bC53Ulir8gcnntwfCHq8fxFRcbwyDbBtrjEtOZ4RY7L6R4zQfIgMF86urU3Z6G3
|
||||
hZAfGT+LQqJAArpnJZJYV93Mr5LF9Jmhevkcy0tNZgyfRbBdhd89zKl3c9mh7rzY
|
||||
7ozNkZYscPtP8cs9kKpz1qtLsKXxQaPx6orzIF/BiM9oZsNl6++57ewsjJa363Dl
|
||||
w3tSxYlAOVOhyvyEBS9j011njZQmH6j9rptOZIePOHb8BjBJ/yMZ1qMGnT8rHk9C
|
||||
RGtmH1WIGSNAmwEyliKH+pyOCkFr4c+jaNuA4V2GcuAzC80wXqrHiiAZCm4syQE2
|
||||
V7wtx5WqP5xAR+E0A5DQnxFO89Q8qf5jgdvwvSdMSm2JpJUa8e24uKJxUpH/4Iu2
|
||||
njH8t8QOB4QpIHlXmVt+X77rortzne/yHoskxoaRaM1xvTUF1Z/P51+0mi8SnLU/
|
||||
in/HsM/XcOooY2VtfGStBk0dFzDKD1R2IZAWoEkKh66z/93gcRcNce6Wii2GFPuZ
|
||||
X+yfXyV5z0J6EwxmzHpgg0N39LbxAgMBAAGjggGAMIIBfDAJBgNVHRMEAjAAMBEG
|
||||
CWCGSAGG+EIBAQQEAwIGQDA0BglghkgBhvhCAQ0EJxYlRWFzeS1SU0EgR2VuZXJh
|
||||
dGVkIFNlcnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUxh6z2DRTcHyC02R4nEwz
|
||||
AXGKZ2YwgdEGA1UdIwSByTCBxoAUEHXXKayMfThSNCInVWJK275Iub+hgaKkgZ8w
|
||||
gZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxp
|
||||
bjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8w
|
||||
DQYDVQQDEwZWUE4tQUsxDzANBgNVBCkTBlZQTiBBSzEdMBsGCSqGSIb3DQEJARYO
|
||||
YXJndXNAb29wZW4uZGWCCQC0afdE84ANNDATBgNVHSUEDDAKBggrBgEFBQcDATAL
|
||||
BgNVHQ8EBAMCBaAwEQYDVR0RBAowCIIGc2VydmVyMA0GCSqGSIb3DQEBCwUAA4IC
|
||||
AQCRSrw6NXjl5Wa2NlpmDdrjAXwHvg4OLmEawHSQg/c5iy0KBpLKddOsppRmEEEw
|
||||
LN13wxLgXJfmXcPvL2Nl0PfDn3JvVAfogK81U3RvTeozCoaMHXnxInaX9EM0AQ6M
|
||||
eY4jYGeJretIStRQpwm/AM7W1mzo8Qaw+RzeHdkyLIoC3Q8xpw/3kuX2fTd/qF+8
|
||||
h5NNWBpr4ISge233boTmlIdwWTqdB8QaIZaMBFHk8QFJDT991GVbrtxAS2NxDe+8
|
||||
4/arESy4L99avXAhA9BUsD/OcNRO8uwdVLYaU+rnLIKDdJhSQQ5LzQMCnk98hUUT
|
||||
bOyiuhjKYjk8RfSDhnR3DLT791D2d6KR21o82Tt1LjyKaN3z/ppMGtamRtY/ncL3
|
||||
Bg9KW5reJzmh6RmKgobeX4aC8MxcR2T9v4tq+aLOqHUSGpcgAfqjIn0fXWYJ8FGX
|
||||
/+CwieQrM97CfoYkNChvalvn9PhPKfUGnSal9OZpy9wi5j2uZdpB8COqWJM4HhT9
|
||||
326vm1ak05G3M6ItXjhs4xbekfFO81o3H6dr1Jd/Hqk0qePbOHxZOKrHCAuJRkLF
|
||||
V2WhJvJXDTPRJSTas/YsrLdxGN8gBpCJePHEf7ZIePQpggEJKZwhNLPoBnFhnNo0
|
||||
OEzDrXMV2gqSUXGqZ4dEPpu4EKoG0vaghbCLZB1oNcZEAA==
|
||||
-----END CERTIFICATE-----
|
||||
29
AK/openvpn/gw-ckubu/keys/server.csr
Normal file
29
AK/openvpn/gw-ckubu/keys/server.csr
Normal file
@ -0,0 +1,29 @@
|
||||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIE6TCCAtECAQAwgaMxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
|
||||
BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3b3Jr
|
||||
IFNlcnZpY2VzMRYwFAYDVQQDEw1WUE4tQUstc2VydmVyMQ8wDQYDVQQpEwZWUE4g
|
||||
QUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIICIjANBgkqhkiG9w0B
|
||||
AQEFAAOCAg8AMIICCgKCAgEA1lT/7TFAk9Mu2grievZRg8YVA2KqWelxIKOvTZQw
|
||||
PiMwGPICkQN6bP7q0o8ixxkQXNLqk35eiHub2yOMsoXX0bGsjTxZMOwqY7VWMud9
|
||||
r70MBXQwon9CjCuzzOLyX3NS1CdEhx77yaQODRz5sLndSWKvyByee3B8Ierx/EVF
|
||||
xvDINsG2uMS05nhFjsvpHjNB8iAwXzq6tTdnobeFkB8ZP4tCokACumclklhX3cyv
|
||||
ksX0maF6+RzLS01mDJ9FsF2F3z3MqXdz2aHuvNjujM2Rlixw+0/xyz2QqnPWq0uw
|
||||
pfFBo/HqivMgX8GIz2hmw2Xr77nt7CyMlrfrcOXDe1LFiUA5U6HK/IQFL2PTXWeN
|
||||
lCYfqP2um05kh484dvwGMEn/IxnWowadPyseT0JEa2YfVYgZI0CbATKWIof6nI4K
|
||||
QWvhz6No24DhXYZy4DMLzTBeqseKIBkKbizJATZXvC3Hlao/nEBH4TQDkNCfEU7z
|
||||
1Dyp/mOB2/C9J0xKbYmklRrx7bi4onFSkf/gi7aeMfy3xA4HhCkgeVeZW35fvuui
|
||||
u3Od7/IeiyTGhpFozXG9NQXVn8/nX7SaLxKctT+Kf8ewz9dw6ihjZW18ZK0GTR0X
|
||||
MMoPVHYhkBagSQqHrrP/3eBxFw1x7paKLYYU+5lf7J9fJXnPQnoTDGbMemCDQ3f0
|
||||
tvECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQAgB9FbRhYOdXMtQn8TfT3rN1Ya
|
||||
VghURxqmzxc1HQIvICXiOyP4XQVkefMWrEkFDP1a/jj6/6xkA7riIC2xMLNGrnPE
|
||||
j5OCQJAQKk07eaOUkI4ouNveNKyxpMdHJHloydlo/mwtJMOYc57PSCSggDkUgvr+
|
||||
NtNx0So8FDxsCl9CsU6cXMO6hehtPUZxvfHdHVAilvcz0JE4bLtX/xAlZrr1mpMZ
|
||||
zNRXFqwteyRaomPDLUkXe1I9zrUzEFHRko80YuuWZ61MbthKaS1rCNLuK6Fin44p
|
||||
Q98TPewicXfbGucCSqyXsAVwdWpu2/nmLEvO62LZe8nMVKw88tDn7crMg9dfWNtP
|
||||
tTvEaRJXlMIce7pUBERP7WEiTSR6X5Zc0RmvqbXUbvG5Agbzc+zrIk8GLmCw6xHn
|
||||
hynJLukDZae3UZxPUFuweJgPhCK/ohgpL+IORVoMpISfzHRWGU9C4/UTKo0OKAz3
|
||||
DLXBXyzHNDF463Vtt7niDTkNUPgjauNIWxxI59Y+CKnF/Q3CjxX+h46QJq5PFPF+
|
||||
sBx6MR7wDHQHoZPBFdL9F+f5AJIOkTYq0cvb3GAzN6+DgMPwQXpEk1UlV9w/Ki3c
|
||||
wQBtBKzXFB5X2IncMIGSfc670r2oASpZDo//2fvEG7vNtbPWeE1Uy4WgAaQtannk
|
||||
Drqr1RqgYNStmF1sUg==
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
52
AK/openvpn/gw-ckubu/keys/server.key
Normal file
52
AK/openvpn/gw-ckubu/keys/server.key
Normal file
@ -0,0 +1,52 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDWVP/tMUCT0y7a
|
||||
CuJ69lGDxhUDYqpZ6XEgo69NlDA+IzAY8gKRA3ps/urSjyLHGRBc0uqTfl6Ie5vb
|
||||
I4yyhdfRsayNPFkw7CpjtVYy532vvQwFdDCif0KMK7PM4vJfc1LUJ0SHHvvJpA4N
|
||||
HPmwud1JYq/IHJ57cHwh6vH8RUXG8Mg2wba4xLTmeEWOy+keM0HyIDBfOrq1N2eh
|
||||
t4WQHxk/i0KiQAK6ZyWSWFfdzK+SxfSZoXr5HMtLTWYMn0WwXYXfPcypd3PZoe68
|
||||
2O6MzZGWLHD7T/HLPZCqc9arS7Cl8UGj8eqK8yBfwYjPaGbDZevvue3sLIyWt+tw
|
||||
5cN7UsWJQDlTocr8hAUvY9NdZ42UJh+o/a6bTmSHjzh2/AYwSf8jGdajBp0/Kx5P
|
||||
QkRrZh9ViBkjQJsBMpYih/qcjgpBa+HPo2jbgOFdhnLgMwvNMF6qx4ogGQpuLMkB
|
||||
Nle8LceVqj+cQEfhNAOQ0J8RTvPUPKn+Y4Hb8L0nTEptiaSVGvHtuLiicVKR/+CL
|
||||
tp4x/LfEDgeEKSB5V5lbfl++66K7c53v8h6LJMaGkWjNcb01BdWfz+dftJovEpy1
|
||||
P4p/x7DP13DqKGNlbXxkrQZNHRcwyg9UdiGQFqBJCoeus//d4HEXDXHuloothhT7
|
||||
mV/sn18lec9CehMMZsx6YINDd/S28QIDAQABAoICAQC1UT8Y17u70sIl72Ndhpe7
|
||||
FI2eSY+3dIchh5e714tgZcBAuit1pi2hm53n9vMC368596w+jn9Gktts7YwPUq8b
|
||||
VGWXLeB+RKwvoa6EbdWkIBfVXU/viB0yG56Fy9Ai85q0o2uTq6ByGvlQGp0Y5oPP
|
||||
m079yUhBQQ2iW/HO6oN3IycdO49qi+5FsqWVged6hv5Y6OZDCZn9yBtBcdHp9IUV
|
||||
fqgmPmSQcMYWIepjVs+JKTId7b/sknFhCN81+l+oLdYc31kOXGGDUTx4QkS8lQN+
|
||||
uaXy1NTGjRSfPlPyoZuVJp3TJcq3NarDlyQ34ihdURHhwbcHP0DIGFtzLMzMvV8h
|
||||
ir4O3lY/bhXUrPMpg5D2pPaD2L/uyqluzfePK0r8Y2a0bv+cGPHu83MZCgoHvyF9
|
||||
Bd+r1rz3vWYDrAqJi2xjADsUDtwFvtBaBuTu1Q/dvwY7DF+cDKpThSC0+4P8bAqf
|
||||
rC95Z8NSIAQra+BKElQCHK1fB0yCf/rVPDt1wcrbDzxnDjG8ZRiKpuOtYz86oOuB
|
||||
jLSe9SP2cEx9Oc9mTFaojjfkwGqkmKH45fuHPwpQy1cdAFWzhaLTkFpQjBWpBDQL
|
||||
njrhrg8iaKoai6dfn5fK7UMDFPM3F8SiqJ+SfSsSeqfeMKgwlduzsIgqWafopLm+
|
||||
RYQYkH8EUkaHS+uUw6rX4QKCAQEA8vkqaLzCaqSdbs4Sxsy28lwShuaZDZwM8659
|
||||
zWGRLGVeWtQMJfMNXgE3+yo2Bdc5vhiHR4+GlKGsJxjqY0iPfFFr7AOmLEBgjkUF
|
||||
uw7eNrIVxD15SG7MRAcw1Cs1frwaot4I/jIhWqrYwmALq8C+UsSLZipXaBKCUYyE
|
||||
Ej7rqXyIoaao+V+7jU45jTNbfbtozZkfVGWDYQbopfZyabTmon2p0uvz3Q8BbvMk
|
||||
E58hEAGJFilZKyHscxsRw2lHmOQisyMC1pmM4aN4ZTBA16WhFKtNmCzcwfTJDZQQ
|
||||
hYxItYRFX63OqzG7M6+yWxTo8rX3fI9HAeJ2Pahheh14N2Ef7QKCAQEA4dK6w0AW
|
||||
TZ9RTzMyKVEHXBi6xQnkfH6qwtAuTnc5cBc7/Pwz+DH0+VR6vci4j7cs+mYvXAxY
|
||||
R7FuRRyDyiahWzlNpTPHzRQy1wfcxKl3B1LKgfr8VBxgAJ50AYkkmZsaSi5S1Haw
|
||||
PGOle+4dkkpFuC2X6FWr8i/2doz1PC4lqT1dlFQTM8p2xuAPEO7OCUSndPe30RGt
|
||||
oAvVgmdu01ba/bEGr6JF2bCfr2HBN/0cN8QS7F+13Tp96i4fm+fwjsgrqIlECuN4
|
||||
cvdbBGKM+SgwGFMBX1gmk9QYMQaqEDWU08YhWHrzdmAO5eoK6KNrHuBC1faL04sJ
|
||||
1K8juKAjAWlqlQKCAQEAlDcegamzxy4Hw1H97jtu1kUIIDaG4uBwni2xHBoKXtSv
|
||||
TCTSDExJuTBxH8vODJ4P4UBBNYv+AqjkxSzTviDDNojMlrpbId9bhy3fow4cy6yy
|
||||
znTZiS/ddxoT1TlOdrL0ZKmhPr8BzbcuZtQECo+XChJPHtFxZFD2Ihzfa+nqBAet
|
||||
qT5rEUQuurIfNV1A0GAEPHbNv8P08rkuLh86B/WMQ074y2uX5R+ENlQni7ikiIkH
|
||||
QPeUJ1WYUVcP7O5J+KAh8rjGwHYGlJYNmVxoEaQ9sMgWm1+ygrZ59sh9k5nRuLip
|
||||
QQZbbd72XT8uQ5VrzLLn95nHLQUiL9aJL97OOKoMuQKCAQACHn8gK+7JpbAWpS1Y
|
||||
U+lUxOqjxLb/MBUcJOX6WIYSdjVa52b5ckaRPGi2dTa+KoLiiqjxHTCK47BcN6tI
|
||||
71neSEhhP34lf4YGnI1GzyxNxkoeNCPAClAgUVxXU1kjk+AISC0Az2hR+MFpy089
|
||||
uzKySsM9K+ikKi0O6b23Zdt2nhvNs4hGmSTKMvoRN5x5W8qSf2ybKqZNdS74vU29
|
||||
7/e4H7wnU8eCBnVJKQquItLr9wwSaceEHvNlii9DwEZyoJBAUaFw1LehpI6XGPGn
|
||||
uOfSopzFr0cVZg0gEKbx5f7Sie5wLR8xwi8Bm1Ok4Tu1G3elGF4xiwF5nHciWWZa
|
||||
sgmNAoIBAQDZHa2roknLsDJFH8W7DsnfjSa1glAQGY6lB5rh6f1BseHvERSNog+s
|
||||
199Y624za5wVWA43jDy+UFfAetna1CwX+plCk2w4FNncmuBP8nR1EX7fWRh7lXpy
|
||||
TKyrOuxFzPZARRLQheBzmGrF2ktDhtlEhH4xRuMUVv0ARluJI0w9Uc9DFIMekHws
|
||||
oKMPlj3wd+SJgpCQL90ePUKGM/t7GqqwBd/yvtYhv1ns/4ZqZ9xAzoHcl9yTmNZW
|
||||
TsB3gdCQqtRFm6J4EN1Rx3pEa2wp7bcg4Lq9YPWfxoTzH0eWqGQY9xUbX0f8PUt3
|
||||
hNt/I4LbfLl15/FCDKH27AG04sr+m6N2
|
||||
-----END PRIVATE KEY-----
|
||||
21
AK/openvpn/gw-ckubu/keys/ta.key
Normal file
21
AK/openvpn/gw-ckubu/keys/ta.key
Normal file
@ -0,0 +1,21 @@
|
||||
#
|
||||
# 2048 bit OpenVPN static key
|
||||
#
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
9b6729c5c91b466a2bf7a494c2773f66
|
||||
6f580c49cf669c267b408d4e69b47554
|
||||
eb9a77dc00111f2ffb3be09c38a34c29
|
||||
441ed188e45a20a0bc31e28f0740ee28
|
||||
10a36049da14f04a4efdfbfc15e492c4
|
||||
e8c6cc0e07b5ad43f8a7f9685edf07cc
|
||||
3764e44b091a1277195ff52cad66574b
|
||||
b9396a38e10445255a387a4c510ad5c9
|
||||
9376d6cfe2aee6b4970faadbe8b4b581
|
||||
cd01a751bd07d53d984cdbd82c357820
|
||||
0251066db57e5863fc96e6ccc4ac9ebf
|
||||
b06231f21e93d1934a9ed0352ff0d3cc
|
||||
e1fc4269821572b858b3461c4eacacd0
|
||||
0eb309b692e49ea3cd9683ff4ae85161
|
||||
790f3ff5bc0d7dba51015e182d88a09c
|
||||
9389557003a462a4c57467320c9913a8
|
||||
-----END OpenVPN Static key V1-----
|
||||
Reference in New Issue
Block a user