o.open/Office_Networks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Christoph
2018-05-08 03:01:03 +02:00
commit 1c4c595cd6
3256 changed files with 417972 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

258
CKUBU/openvpn/home-ckubu/chris.conf.sample Normal file
View File

@ -0,0 +1,258 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ckubu.homelinux.org 1194
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG4jCCBMqgAwIBAgIJAJJFyNRqWYU3MA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczETMBEGA1UEAxMK
SE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqGSIb3DQEJARYQ
c3VwcG9ydEBvb3Blbi5kZTAeFw0xNzA4MDkxNDAxNDRaFw00OTA4MDkxNDAxNDRa
MIGmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJs
aW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczET
MBEGA1UEAxMKSE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqG
SIb3DQEJARYQc3VwcG9ydEBvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBALae3zg7UYlmziw+LCYVg65H+lKNOcj/JArsL2MOnYEcmrePLI4e
GWRppLVpxKeG9kIpfVglfqRDdEY9eOFguJs+MsKwwRi2LzY1rCjDazCjTnQ0L0Zj
1RqJT1LqaEkzLv0cAWxza67K/n6vMaXxQ59jNAW/bOik1SogHiwrT78f2e+Zu3K8
tqkuuDwtwbU0jzL+m+IuHNVl1CTcAIZRmFbdxpWfi5pocrbOIlCwXbUP8ltp/E/t
xLKQqBP3ccgFwPuCGZBymUcpRdMgiDwifYnZK3H4STLSDN4b6K1PclKh46QuxDv2
egap+vctIKJRLguAPqRVjSoYK5UXUcZC+R6t8rHvxDGLwvk3IPeEI9z5bCvnm8cw
0e4/dr1EDjtwHXtw8X6DDf2biNmq4edCRxrgyQKwSOAsC4MhzFNPM112N1nJNrpR
nXNCKRNGF4MdI/zFqRLraafk0eT6yP9/6lmoQDJsjhUH/ziOB+cPS4XmUI/XwMF5
c56mD49gdG4ZivDtJeGcdZ4TSbD/lvc3yI1ECgouFPcBAJHwendA29xYMmuj4oCP
stW7N8HARZWzfwIdbB/HHupHIZ1HV4ACY0H7Sju6SMFxWi09dl92BYG9rhMW/M6A
+k7WxW0IEqZyQgen3fTRw97GJXaLM+anwwl89c6trOaME1ql/w91lAInAgMBAAGj
ggEPMIIBCzAdBgNVHQ4EFgQUXaBXd/nJzd6Iqb7Q+/D8ihm1nfAwgdsGA1UdIwSB
0zCB0IAUXaBXd/nJzd6Iqb7Q+/D8ihm1nfChgaykgakwgaYxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5P
UEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRMwEQYDVQQDEwpIT01FLUNL
VUJVMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0
QG9vcGVuLmRlggkAkkXI1GpZhTcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF
AAOCAgEAquNynEChfqP/lTY48YE3xhDycq0YF0WimD5NzKPgrCIP/1x3lyufzoiz
8DrqVZ61LKdJUJMcWRmyqiXS3WZFX9X7ktZvmf37E7JUvorSuF21PMm9Oj0yUsUX
y0AFUiH3fpNhCMxYiCqS85wWBy1+/6np1RodihGTPcLwAGLIVGEklyffyamQ2i2E
TZwZrZJrmLyzsdn4PT3vJyfAUUbcpgf32zjEZCCozlSdisZi8cn2pL7y1pcXA5Oi
gvLhDNntYTKcE1JjWqa/989JJgvvYD2fgCo+DkPw6i/Dic0UAZypHLKqiCc4f3Pc
GqtaY7nxQjMSGVnMjEn2yzyFtXep4lXn16Nh8ZnGbEk3dqCIBS2xzjcUs6YRdyMb
b2JIflNuI4Wrqx5CTyMM7lSNapZRPiP7Qw4xyq+og1TABJuc+9A3Pj/R/oztoHim
9p1zCM4m3tEBUCkYxet87BojVn4MQ37pees1Xi4oAFHqU5mCwpakO6rVOt4Y4vyZ
K4eF0w3NoRl+z4tbDFh+RjUj5tChKcMxaSitCsD0GGvd0nlO550tbxjMZlchpLhP
xG+rcU6098AdwAIjESyYfowVhHT+BDTefXphSYMz0ImaiBzbGwEmpce7sD1bYFSn
Wer/Kh24vsIIxcO2PNEKvQbO/I7YD4Yjk4pVGTUgD54LLX7k+7U=
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MzI1WhcNMzcwODA5MTU1MzI1WjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMT
EEhPTUUtQ0tVQlUtY2hyaXMxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG
9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDA5DrGxKOrIDkG6bN41khikTnVEWmg35qFA1OkbezVg8e0tuhAhDqh
ugWUbbKJAj/KIwQS1z/8yNfkb5GKNEJYCnUvuvnxc/AKJ1c5DrijeRm5PHyXs7sn
RFm+EOB5G+czct5JEfTUkVsftSZboLhQ+GESNB4DJj7cZX5Eb3CQQm60a4cBMzEa
r9W7LyWBQEHcuY3oI6s/R9g72QGJaNQWJklBT4TOcnz3nvs5/SYvvxVsykqDD8ii
9SzqA3zuvBoTUHFaw7YfoBkclQ5ziV0iNYUXb937DArbvnhNbDxb9EjBCmJxZ8Uh
ryVIyLnSvtLgar3I/eHFeJEhxwdhmNuYR1tLKjkVLFb6rTWZiizRUSUnidNHXbu1
K/FbOsurd3ZRLMttZNTc1kNdXy3JDUToy9rZOUpoRbfY1UnCNN2tWNB+U6wYgAUn
V1bZhWnUdX1stP96G3kIjff1LvfcheevgaLDNFDAtgRwYjawP/uXdybmQAIO6UQr
jLfA2958sGEKWrB1Pgy8kmvXE3xGajNDTP3UNFIJsc6/nE7DaA8VTuVW0ypgNSwS
uvI4HJnbxV9YDCozojOVjN4ICyqDtBabKbuZ6C2lvrMsKMrvUTkdVei5YJELHH6f
qT0Wvgt+YjGmu9LuG44v2lKWqw0oxsnnhElcmMyuimrWiWH0FsflJQIDAQABo4IB
bzCCAWswCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZ3aK5+DrQI6Jqd/Rr85dJ25MefzCB
2wYDVR0jBIHTMIHQgBRdoFd3+cnN3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMT
CkhPTUUtQ0tVQlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEW
EHN1cHBvcnRAb29wZW4uZGWCCQCSRcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcD
AjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkwB4IFY2hyaXMwDQYJKoZIhvcNAQELBQAD
ggIBAKh8doaLAtydm7PEcC7QAP5Uc3TNqCpfNCDApfjLpl7rdKrgAnmeV9kQ3IVq
AAeyl2vuctEbcsX8/oNYEJFuUIwNf4mFDdp1Ifq8/ieCw2KLDU3zYH8sKQDTZHwT
w6xuXocuVQ5mcwwjP7ERmYXUnnnHAOgSvjgXBBtNV8tAYGCLDkjGvcUZ0oNVBgAx
Xoewhmd+1Oozr9I0YH1EhEDECVTbivb0So+2ZbEjmOXhSlJdgdi2MO96dsEOuMjH
KMVTqBhMNtBOHXtDbfZC2NwzO5RcAV9FeWkHj6oaWIEl7RTiw52gMTygbx6ezZT/
2fKq7TrY8fuRWLmQ77+TwIkT2oyr7DjJ9s+kY3AU7XKAZHTUbhGlqKsWUiV/3+5f
S1v/4hjtuAA3JPOToBcEn9YAR2djavYIRM82YbRByHvrJZkCEnfOs57Wv5XZGKLK
J4ph1ikT+lLBVczZVB14Elz6Vz0/CHlT2Q6/MtENpLyJop6uVCTmpIiKcfF+kuR3
/f8pdXOzGc1nOwT3g75A+D70nWaXULZUBlRKJ3FZCo+Ecx73YRhU82frDL9+jYiw
ui8IfDjmAQIqFivcHYLizZtpJhrqa7oG7MY80lfsHTPnUU/jkdRBYBzGk3yrFXpE
KN1k61XVk3Iv9lDA/Oa9/Q85eSmj8a49ZQ+GLsTaOx7eBi8j
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIQu1w1fZPHpMCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFN1kcfwGMq/BIIJSDyJVQRMO58N
9RxwtPDyai8u6aTPghUdUdTAxnVXw/lDSJ0mJbSRm9Q6D7t/+JS+/wGAldmoZUHp
a/jVAOtSwplaO0RnsHXtYA5QxrjrsrDdMXIQuwFOHIu1x8n/fE1mUnQ3ca9Q9wwR
qFj+/oDNw7eYHrps0k/WNVlo83GCa9LUX9bXHFNhPXDm5RGFHhBT9cMPmXByii7J
j+7MVCiOSgi4alMPGgNezDVBzJvWip3GzTH7ivxLZOl9ETQ1GpmaMS//9BLoO+2H
ckghogZ94Nxq6NFRXH/618PKFzahcnBbqpuIbo0wzpx6WS64hsHUwnqXFlTzTeXs
1Kkg8uT/hy7iMkGTQsdOqsHweUR8KoUbQCeHt5oB8xUkDBrjIRSxCwkfnIs6fsWW
EEoRUCM4cjbmX4Owb4ywbRzbJPjubkNs2b3GKo84b6Z9lS/02VP9GjB6n8hDx7b/
gB1fcRPLpzdNFq5hI2twKZw7XiXU6CeG5FrZcDdsOgaEsDXbEkGMAnBOyUkusmSi
7McHm8BHYs6JynQon7577W2cuw4WAlu1fmnToXBlB+zivn7C0ywM8/V7ZAFMXH3P
BO//emkfZ2CbBj4tjqq/X4vYLVYwTgjeOuE16w7QORfGAQH3/g84nHGKmRGQmf8C
XK3zC3ybOkoXzrMmOfFRqVkWLI9NYSFXypd4rXPOdIT/PPxHzoZV9Zhlb+fobNy1
yt2ProN/eHecTgJzthizNpbp0vexQSnEfjbgn8KEiEBcHm7cYbcWxM7bJtf2VgdK
lSa4H6xX3bndC8avZX3tYdGda83p0NA34cT0V3zzSCiBXbSEysfCoEGpT3fgVxrO
gc00qgief0oNdTeO8qnGjgc4SgsxH1yzoFsLsZ/JoHfeap/AIO2axCyxf1yPOrsv
lTUJPWhi8Hda+1iaHElSFsKBLBMnty6mGh9J2b5JpmGCbjOKg35G9G0gZPbo7hP1
Wfte5bXq+Ur+7sfS+cj5DS+04p4xygI1djc3vRk+QJxd5z6gjKuJVIpK/+qRTzP/
6vtnE/59xFGmxKZsgVW5ZTMM0e0eUneST4h1ciCAmqdXsTAIoLuTXi4gkf/P85Ye
7NoiPc6SamqktvUxDTP6nGP906LhnNxjhjswhhi33aBXLKLLbNKm4aT8bBm+DISh
KRa3qK97Q2GwEpYp6xticBa5FNHFPhLWBzB9Acms77lRQ+V/d1qZ+EBnaq3zv4tH
3zSfhimNyhWSvbl08Nr7OSWJIYQzpHKiUpqypoWmrBCpnBDSdug3h+qXf99RnQSJ
5xGe87H3v8xSub+f3uZMf8S9LxQuWDv+bGUfxXla/234duO8E4CcOBbiMdI1khcO
XPSKvqEuwdnZfDNvxQq8u5R83zI/zMh+/KI8bjo3qe7O5TVUpxb6YFM74KuGLZTW
EPWTJereXtVQYC+dHl2An41RKO4+4wXFPf9etILMwCtvPrnYompz9l2lEKfA7WOP
uSFH42JayyhaTjvXsdPPQbeZpCKeJqsESclF5LfXxLwPAnfRWlEVXEht+j85Q0oX
UUhzS44LqEGzrFgot1vp3au+7PsxyRBCg96us6E8z151/VxX1R+lrmaUEQweh2lv
tn1ZAXksB7AisUu3Uw1nz5JMhn0tX3/NKKyQLHwwcrlH51Bxrzhlrpc0SsKbpjcE
4r7eiT01S9njVOIPJVaHd/KvdyhNXViKMW2uF7dc8viYPjM3xnEnp3Cp0BFnjEBL
wjAcxhaAvwUg0TG7s3IM5RiqOsUCmRYN7n/hJdZF7/5qtwkIB+5BJ+ow4AdPSdym
AX8ukmiBjhvgQq8EAlDreQeWVXtAY8HcHkU6KjIoFVoiLCqrwTVSmxSXfLRuw2NG
cRdnGvoZ6LxF69ocap7kgulT3haUid5w9FFEuzDJtW8bdTlqCqgUdaukLN3mOjEj
C+3ynprAD0JjcU+4Q8ZGX5Ozaxx0o/dN2BaTnj872434V0XSUcsdlssbVoFfQe1Q
7ftu05xbSTpQi+aj+BqDltwHezifev2UpRFMENqIkpSl/jKtdbaapBk1uxxDDnX+
a6m0b7ykrVe18TjiiSsGGf0TTuwvcJW6bmh08Eg+NitDl5HPHabLUY8lornzbw68
+0C/wVllFiX4WGMJ33FztI6/DZdIa/tTEEYQKn+WDaPVwKFp0j3kzfUBj9zHDC0J
YJbuQJ/nq52rqADqbEBlNv2DYwWgAA2znk2yL0mUT9IwegE6nw9/X97zr5tgtkni
PPP+MI/H4seURLnkyr2v//0niLPAXwiru9g5omMbWYn78va3GcaAWvypRb2VMyX4
Ve4rb2gdXioM93T2umZbAph0GtjZ/jSnKobq46xl4wuxqQ2qRWDlb7I1Eda/Hn1O
oFBlJ8T7yaBWLsMHJW76lWIov05fYRRNQvrOPB7+Jz/TxhAGF75GZzLbN82jCaRd
jJCbfdc/DCYSNAkCuLcDn00BGxYCQ70Mu0LVG0wrnyMIg1JXK5oTZkdsNPml9Mij
CsNLf3Wh60iX9qWt3rdSppO6mCJKmWIfyTS3tfxB3NE+/M37KtrCK76fhFEfYfHm
7xhqzsq1j5e1DXxhrqtQZPTqAuOLjbQzsTAyFFJJKz1aZk1dOFFrj9hmsIEwBUe/
6zrX+oPk1aEmT4qGb29DMn69ruUlcZQ+5kIBGMXPsnBV7TEm30HE8QGnVWUOlIZ6
1etXLSJsmCEkV81N4JZyNDGONzvuqGnoDMeEE8d9EnztwGIEUD2lLmiWg3PKsvgg
/dWjirUdVRVwb7YTZL3NsWn11TehCMxUFSXDYMVWcRTaYLqMNLDlZL1zAj3YRzDV
1iGR7s+Jw5VkGZrSqSPuRW4dBjr8JulHimKhRCZw/cIzl9EXISsVRP/gFEc3OvEl
TrpE8hsvOrKd5wWziJjJ0YXHTjXKoYjeD1Cg95oZII3iEJ6d3k80p73QHcC89kyF
U5KG3WtaGrDmS/aw7UpNJQI6UuMSli8bsvmTO/ko/YEKlN75YD4doxuHAYz1s2UB
Ii6EFbLrhG/Lk1VP7AxTSyiFSY3iS1l92fvv72BI5J7G6Okk66BWvdNUFH8crEXJ
woiQ5eUk2Mv756C4fCIPmgv3zv7T71r3L5mc6hQ4MEuVHDfSvFfiRd2w2z/5WjKy
JY+xOBY3LmvpvhogMLpFhQ==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
1c8b2c0960c29ba0f8b85d20cf7654a3
2429c0a7e6c898f834473377846b349b
e5070fadf83aa6f2143ddedd5fed69b8
6b4303181d4cf8b130777033982585fa
24796676d2c096db93d8ec0bf221a33f
974c554b7173faaa46badec409713525
927fdabb473a3e24d309983c858b1b7c
7ea88198f4f01d1a5c2fb6920a1dcd4b
d1a3918e736899803896aa1d43ad131d
996e9f78bcc1faccb83276e65ca43626
c4b0de36dfaff3be40276a0126d15690
bf7c3baca7d51d4ed78efb8248d6e3c1
43fb2424ed1b31e7a2cb14506a3d5fd2
3f3f58ee93eb615044fb6d0d345095c8
c0c5551065d416d1b6781d8436f8afb9
2f34aef585ba7ec0a977386b3a3b9c0d
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

271
CKUBU/openvpn/home-ckubu/client-configs/chris.conf Normal file
View File

@ -0,0 +1,271 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ckubu.homelinux.org 1194
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG4jCCBMqgAwIBAgIJAJJFyNRqWYU3MA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczETMBEGA1UEAxMK
SE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqGSIb3DQEJARYQ
c3VwcG9ydEBvb3Blbi5kZTAeFw0xNzA4MDkxNDAxNDRaFw00OTA4MDkxNDAxNDRa
MIGmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJs
aW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczET
MBEGA1UEAxMKSE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqG
SIb3DQEJARYQc3VwcG9ydEBvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBALae3zg7UYlmziw+LCYVg65H+lKNOcj/JArsL2MOnYEcmrePLI4e
GWRppLVpxKeG9kIpfVglfqRDdEY9eOFguJs+MsKwwRi2LzY1rCjDazCjTnQ0L0Zj
1RqJT1LqaEkzLv0cAWxza67K/n6vMaXxQ59jNAW/bOik1SogHiwrT78f2e+Zu3K8
tqkuuDwtwbU0jzL+m+IuHNVl1CTcAIZRmFbdxpWfi5pocrbOIlCwXbUP8ltp/E/t
xLKQqBP3ccgFwPuCGZBymUcpRdMgiDwifYnZK3H4STLSDN4b6K1PclKh46QuxDv2
egap+vctIKJRLguAPqRVjSoYK5UXUcZC+R6t8rHvxDGLwvk3IPeEI9z5bCvnm8cw
0e4/dr1EDjtwHXtw8X6DDf2biNmq4edCRxrgyQKwSOAsC4MhzFNPM112N1nJNrpR
nXNCKRNGF4MdI/zFqRLraafk0eT6yP9/6lmoQDJsjhUH/ziOB+cPS4XmUI/XwMF5
c56mD49gdG4ZivDtJeGcdZ4TSbD/lvc3yI1ECgouFPcBAJHwendA29xYMmuj4oCP
stW7N8HARZWzfwIdbB/HHupHIZ1HV4ACY0H7Sju6SMFxWi09dl92BYG9rhMW/M6A
+k7WxW0IEqZyQgen3fTRw97GJXaLM+anwwl89c6trOaME1ql/w91lAInAgMBAAGj
ggEPMIIBCzAdBgNVHQ4EFgQUXaBXd/nJzd6Iqb7Q+/D8ihm1nfAwgdsGA1UdIwSB
0zCB0IAUXaBXd/nJzd6Iqb7Q+/D8ihm1nfChgaykgakwgaYxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5P
UEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRMwEQYDVQQDEwpIT01FLUNL
VUJVMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0
QG9vcGVuLmRlggkAkkXI1GpZhTcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF
AAOCAgEAquNynEChfqP/lTY48YE3xhDycq0YF0WimD5NzKPgrCIP/1x3lyufzoiz
8DrqVZ61LKdJUJMcWRmyqiXS3WZFX9X7ktZvmf37E7JUvorSuF21PMm9Oj0yUsUX
y0AFUiH3fpNhCMxYiCqS85wWBy1+/6np1RodihGTPcLwAGLIVGEklyffyamQ2i2E
TZwZrZJrmLyzsdn4PT3vJyfAUUbcpgf32zjEZCCozlSdisZi8cn2pL7y1pcXA5Oi
gvLhDNntYTKcE1JjWqa/989JJgvvYD2fgCo+DkPw6i/Dic0UAZypHLKqiCc4f3Pc
GqtaY7nxQjMSGVnMjEn2yzyFtXep4lXn16Nh8ZnGbEk3dqCIBS2xzjcUs6YRdyMb
b2JIflNuI4Wrqx5CTyMM7lSNapZRPiP7Qw4xyq+og1TABJuc+9A3Pj/R/oztoHim
9p1zCM4m3tEBUCkYxet87BojVn4MQ37pees1Xi4oAFHqU5mCwpakO6rVOt4Y4vyZ
K4eF0w3NoRl+z4tbDFh+RjUj5tChKcMxaSitCsD0GGvd0nlO550tbxjMZlchpLhP
xG+rcU6098AdwAIjESyYfowVhHT+BDTefXphSYMz0ImaiBzbGwEmpce7sD1bYFSn
Wer/Kh24vsIIxcO2PNEKvQbO/I7YD4Yjk4pVGTUgD54LLX7k+7U=
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MzI1WhcNMzcwODA5MTU1MzI1WjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMT
EEhPTUUtQ0tVQlUtY2hyaXMxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG
9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDA5DrGxKOrIDkG6bN41khikTnVEWmg35qFA1OkbezVg8e0tuhAhDqh
ugWUbbKJAj/KIwQS1z/8yNfkb5GKNEJYCnUvuvnxc/AKJ1c5DrijeRm5PHyXs7sn
RFm+EOB5G+czct5JEfTUkVsftSZboLhQ+GESNB4DJj7cZX5Eb3CQQm60a4cBMzEa
r9W7LyWBQEHcuY3oI6s/R9g72QGJaNQWJklBT4TOcnz3nvs5/SYvvxVsykqDD8ii
9SzqA3zuvBoTUHFaw7YfoBkclQ5ziV0iNYUXb937DArbvnhNbDxb9EjBCmJxZ8Uh
ryVIyLnSvtLgar3I/eHFeJEhxwdhmNuYR1tLKjkVLFb6rTWZiizRUSUnidNHXbu1
K/FbOsurd3ZRLMttZNTc1kNdXy3JDUToy9rZOUpoRbfY1UnCNN2tWNB+U6wYgAUn
V1bZhWnUdX1stP96G3kIjff1LvfcheevgaLDNFDAtgRwYjawP/uXdybmQAIO6UQr
jLfA2958sGEKWrB1Pgy8kmvXE3xGajNDTP3UNFIJsc6/nE7DaA8VTuVW0ypgNSwS
uvI4HJnbxV9YDCozojOVjN4ICyqDtBabKbuZ6C2lvrMsKMrvUTkdVei5YJELHH6f
qT0Wvgt+YjGmu9LuG44v2lKWqw0oxsnnhElcmMyuimrWiWH0FsflJQIDAQABo4IB
bzCCAWswCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZ3aK5+DrQI6Jqd/Rr85dJ25MefzCB
2wYDVR0jBIHTMIHQgBRdoFd3+cnN3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMT
CkhPTUUtQ0tVQlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEW
EHN1cHBvcnRAb29wZW4uZGWCCQCSRcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcD
AjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkwB4IFY2hyaXMwDQYJKoZIhvcNAQELBQAD
ggIBAKh8doaLAtydm7PEcC7QAP5Uc3TNqCpfNCDApfjLpl7rdKrgAnmeV9kQ3IVq
AAeyl2vuctEbcsX8/oNYEJFuUIwNf4mFDdp1Ifq8/ieCw2KLDU3zYH8sKQDTZHwT
w6xuXocuVQ5mcwwjP7ERmYXUnnnHAOgSvjgXBBtNV8tAYGCLDkjGvcUZ0oNVBgAx
Xoewhmd+1Oozr9I0YH1EhEDECVTbivb0So+2ZbEjmOXhSlJdgdi2MO96dsEOuMjH
KMVTqBhMNtBOHXtDbfZC2NwzO5RcAV9FeWkHj6oaWIEl7RTiw52gMTygbx6ezZT/
2fKq7TrY8fuRWLmQ77+TwIkT2oyr7DjJ9s+kY3AU7XKAZHTUbhGlqKsWUiV/3+5f
S1v/4hjtuAA3JPOToBcEn9YAR2djavYIRM82YbRByHvrJZkCEnfOs57Wv5XZGKLK
J4ph1ikT+lLBVczZVB14Elz6Vz0/CHlT2Q6/MtENpLyJop6uVCTmpIiKcfF+kuR3
/f8pdXOzGc1nOwT3g75A+D70nWaXULZUBlRKJ3FZCo+Ecx73YRhU82frDL9+jYiw
ui8IfDjmAQIqFivcHYLizZtpJhrqa7oG7MY80lfsHTPnUU/jkdRBYBzGk3yrFXpE
KN1k61XVk3Iv9lDA/Oa9/Q85eSmj8a49ZQ+GLsTaOx7eBi8j
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,A8DCE11902B81F52
YoUKcSwJtgulV5k8iXSNF/U2joi5fD9mOXOy5qQWkn20s3uAnapYL05jv7x5WZnB
r9Q37oFVgB5bu0THLqa64fORUOOmin/PhepgBkV1BWmx75Y1FdHaylnBqqudlhn+
Ae/pXlhWET1aWXvdKPGMhFJ+RKevHEoThGMxHC/Hj3a0Rl+AzrPbl6YROZ1eM2cB
Kd3nWrdrGhcUyDUn8cg9n1pDnouEGm/krbn1zjQsISlYmxDMoHBHAj+bAFJKTtkt
NiidhN2lNbw9WfEOm5MZCaM0c1GrK1Uw9AhpkZcvKhVx6yZNa52c53a/xxzoPcq8
kA+4n73NoyJzmi+q8egPKCBt2lXyHPDkfsrns3ljJPG7DMPfSazKH6KG4B/ONS9b
wxzNCuyFyWfJdbDpN02FXZHeyg7CGPU4kpSgy0XwFakjQ6+a5hbRLIVkDb8PCvIA
ayLSOvB9WgQzBQjnXyiujTMDz4FzLOVzGJUGKvgkNqv7oxHbCjNTynS+VIWw8wAk
nLcV7F8GTGU76h/TG9IOsVaq1eQIpXq01NvMwZAezh24QfM1VZwuB1vgcAren0P6
78pOKpuPtzEJWJy3zwbSGHtRetB+E7riU6eJHzFsZtJExxn2Rd3ATpIb7MtG9b0v
MKzqPhWHzEQz/psMrZaQ3ONsmi0Ti8Yjn/lvV5B/whwBEeJ101ju/ZXvPyqINzQH
5E1/Flwrr2hXkEchaGJoREN26tWUu5x5E7KWu37wzbb6533veoVFmoLm0+NdHDM6
+LOlq6xSy5vDH1qNaSPf7mtfBJVx/2f5I6IIGfPJ8wNWQsb7ij/vXpJIGaS3lee1
1ZMnIiFQAGs5rQh+XqWRLFL2Z5Omf8SeE4Zr3Pd5Ax9+8UjpNgMPlNCZ66yyOzO7
lwSQWbEVx8HG9Eg1hFOIgZhVbDmaukHLJcVaT0A0WR2/19iu3zZZ0VgJcz4i+Qp4
RlznHpOJQ6FvpydxW93BkRpikMfpRL8PdPKswbIbTAkwTCV7EIceSnH2NL+EFsLQ
/muGyx4IhpFsJB4gE0TR0t/U4FdBijILd3wZnFBxPfhofc393P2OfeRLk4tvaeae
Eqwzkcdcm5zG0dbxFUTXe7pQB54hRvJ/4XFMhTwQBjZDKr0RH0mNEgomqU8s8Lfm
qaMY3OGuYAMpTE3t+NIBdge8SoSSxxl/kR+2V2h04zjZ9uYss4b5Bj127tGbbSS8
nH4cDwysTTtcACuh8FLByoFio9Rnt73uckhflskaLvwZE/8A0uhD01F+chatvSAJ
Aix9oQwDtiyHF2t8C3eouOWl7Is+BDlh2iWYEaNPgFpXwR5eRqUpkDCDFurecT3t
ru7i47QftimArrx//dWdNZDDXC2vY32zr4e3wLoEkuFZb/uiXA067AVvCKTuN6H4
M00kzpAfyawLaLFsPFxi/hISWq96OzmguivsDsoraIl8Uz1xkL4/zhHdJDToHV4E
wTrQlvoA4zWDa3DNbwRH9vna/zY8owktR9nDb50xlmmzXT8ucAFN8BNLCeQMir4u
2HjGic2gBFrnOgafVXsnJam+a0ce2mPSRQ1hLNxquDdB3gT1Woiczhl1HBRX9U7K
BpOJeVWF9kLBhbTTWqXQMnZNOnh0iEmjtDg22dg0hsHsoo8z0ngUGGrDofPRQ9Xy
Aw/GmAwF7pmwSfIWiCndFMFeCN418nugtX2QavkIkm8OFm522RRwUCX5lKdZAlzG
nX947m997mZMtdilpcl/F03N6/gKu1S1Wrmug8sPD6R9mugzcNQDFRsS+8dcwmwf
+zYInaSO6tmI7+GqlaIORXB9vNawy9vElGOqx69No4vjHP1x9+6xEtJk4O6aRDtl
Ju7/NlDildpIhjIvnJe/eKEBDfyyGDlHyVAEqnf7Yzz92j+3ZugIz/zd4iTdGzfg
tsQx0x2i/WsDw11/cefPXth07kJVfgM3jdgk2d0Yd0LpWWjxUZp5H4zJ5FZ5yl6s
GFLYCK6Fj1QsWXd4qQjH7092ka5GKvYLcR4DxCocJ6tS1UE0MReI1YaJ8GU3dwaY
91+Q2j3+lPY3PKH8/MjL8ZZJoIjlyvXwYff1quObbUYIYbtuhJ3c1PYeigt/G5Du
nb4qJuZ6ue2OEfuvRnXgH4aNgZEfrVuYydDBxM55HpaxZBjC0ipqGYnC2X9rU7JI
dD+r0ymGoIt91ZhgnahhIx4zzrJ5i7BNujMYal9AEkPXV+VkY/iNJJKjIzFEc9J0
GX9ELhXHzed3xxy3goTqJPgY0u/jBsUca3l2AI9H8qjeAltbiRP+TdyafhCr/RX1
f2t+KLLvK7F2Ls4VcRPIpuEWrnbvJbh3ot5anzzR20ifFy2fIXyI/Sy/DPAy3hgD
adNfY29lyY8dLv/CTXju9AHEX/Z/IvEBBZkAUUIJ8v2wIR2HMOi/kCsEl3HnK/Sq
aKHenYE5QqME+Y6b8t+w3vhNT7HAcaH/sjrDn08Wls/XqTDEEr+fFV8i/Z0bFQjs
27pbdDrYCmQjGizP2INARVIBYeCk/LQ8kSgIy2pI6uzqdXiHjeeSLtLxl7fmLw3j
VNzCP0uY407/N6WTOYEvg/SHAYQZNA3zSA/xsNihRGGDvj75a0WI1p+QDMUUGiYJ
xdDU4lM+L6YP2yZ75XBUNhwHHX6C1vfQC/BvnszRSdnEZeq+bOwAkBDC31eH6y4J
tbqxOXB71x6Ljcwp3BnpKbnXt9VzLM+O96sSc4wOfJl7AeHWD6eEKJNT1mfjWfN3
jB68ezZhQpth7RilxtECMz4pcigGsljHkIfd9nweahAwq2RNwhz5cafpQqDeJV+c
0o05tSNvR8snLX+fbnBTxHl4025lTmJNh9Hv4DY3UnAVL/e/wkmupb6gYA+N3s03
ZJhhG0YBUviuuH6DrRdxTrHjnVveJHSuHhUHrgM3PeX8cspBBYbX77d52jqDS3HJ
UD6eCrIbxyDsKDFS1DEby2KZYM5CBmI4AzUW4nKBuRPZ0uFiM7b/KXptQvC/sUWE
6DgVcIz2ExivDyiHo5XSWsssRRI+vXtJ/GSghWTZuN6WI3whZtnYQyS0L+tZCRdi
GHaFz1YOvzTJZoWHZgXg0fe58Q7CLdco+66scYlHstj562mjsd7fPa59KaGKluvM
-----END RSA PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
#
;ns-cert-type server
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
1c8b2c0960c29ba0f8b85d20cf7654a3
2429c0a7e6c898f834473377846b349b
e5070fadf83aa6f2143ddedd5fed69b8
6b4303181d4cf8b130777033982585fa
24796676d2c096db93d8ec0bf221a33f
974c554b7173faaa46badec409713525
927fdabb473a3e24d309983c858b1b7c
7ea88198f4f01d1a5c2fb6920a1dcd4b
d1a3918e736899803896aa1d43ad131d
996e9f78bcc1faccb83276e65ca43626
c4b0de36dfaff3be40276a0126d15690
bf7c3baca7d51d4ed78efb8248d6e3c1
43fb2424ed1b31e7a2cb14506a3d5fd2
3f3f58ee93eb615044fb6d0d345095c8
c0c5551065d416d1b6781d8436f8afb9
2f34aef585ba7ec0a977386b3a3b9c0d
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
;comp-lzo
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

18
CKUBU/openvpn/home-ckubu/crl.pem Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN X509 CRL-----
MIIC7TCB1jANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNV
BAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tVQlUxEzARBgNV
BCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUX
DTE3MDgwOTE1NTA0N1oXDTQ5MDgwOTE1NTA0N1owDQYJKoZIhvcNAQELBQADggIB
ACjHl5NsKZ+RmQFK9PGDNVQg+aPaAdUpOQVY3VqQtMEN1yPlSQE0To9+u+fxlyxt
XTNe7D8xTeTLU3J57UjEZerxJXPWMHKlOMSt1xDD51Y81IChYzyM0yvTcNlNHi71
1IcI/MzX4M2Jy2tf1tL8MXDkXMEwDWH17XyUN246h8D9p/B/SO6Uem8Jt7YIxT4R
n6P4B63iFIVROU21rCqJ84f/obUFpRS/ZV7c0Gz9lLbfdEG2eAxuaNxjSk79rosY
myZuMe1WTjDkgAg8y/E0j4HnAUE6Cos0fz+R3XrPlZLVVbnVngXcjP/J8LBQNDNR
1gNh6ZsW8zDt3ZoILH0J/0gvF+JBBuIwi0bgLqbj1hYBDIA9IhPbDlt7+36o/wQA
vqoPWzCT+koF4xWA8q/LgQpL1ta9oozFOC8Lb/7Hhu4P6abeMDbuGrye4wP6nT2H
xrO4yLpvvmRRMLIs8SiS0IcLT/nHGJZ6SOLn5zqf2aIzGYvoE8uqjhSbHMZwZFZi
4rZPaivzd1c9IWrW3WN5o403mvNkUS6Z1/Hhk9Jc++ZMUIOA5r2A/RPaUxOZMAD2
RYmLE3b/VeZefx/PXTmlu3+0OGMCvOIUTx8bKG8bNEmK3i+6lOB8I0JqKszGEFuT
JnlqO8kgBnwRugI29zY4tFLjKs99DwOHoZAPSMiDi/Mc
-----END X509 CRL-----

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-ca Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-ca

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-dh Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-dh

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-inter Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-inter

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-key Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-key

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-key-pass Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-key-pass

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-key-pkcs12 Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-key-pkcs12

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-key-server Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-key-server

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-req Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-req

1
CKUBU/openvpn/home-ckubu/easy-rsa/build-req-pass Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/build-req-pass

1
CKUBU/openvpn/home-ckubu/easy-rsa/clean-all Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/clean-all

1
CKUBU/openvpn/home-ckubu/easy-rsa/inherit-inter Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/inherit-inter

1
CKUBU/openvpn/home-ckubu/easy-rsa/list-crl Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/list-crl

268
CKUBU/openvpn/home-ckubu/easy-rsa/openssl-0.9.6.cnf Normal file
View File

@ -0,0 +1,268 @@
# For use with easy-rsa version 2.0
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca' and 'req'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = $ENV::KEY_DIR # Where everything is kept
certs = $dir # Where the issued certs are kept
crl_dir = $dir # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir # default place for new certs.
certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha256 # which md to use.
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = $ENV::KEY_SIZE
default_keyfile = privkey.pem
default_md = sha256
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString.
# utf8only: only UTF8Strings.
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
# so use this option with caution!
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = $ENV::KEY_COUNTRY
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = $ENV::KEY_PROVINCE
localityName = Locality Name (eg, city)
localityName_default = $ENV::KEY_CITY
0.organizationName = Organization Name (eg, company)
0.organizationName_default = $ENV::KEY_ORG
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
# JY -- added for batch mode
organizationalUnitName_default = $ENV::KEY_OU
commonName_default = $ENV::KEY_CN
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "Easy-RSA Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=clientAuth
keyUsage = digitalSignature
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
subjectAltName=$ENV::KEY_ALTNAMES
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "Easy-RSA Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=serverAuth
keyUsage = digitalSignature, keyEncipherment
subjectAltName=$ENV::KEY_ALTNAMES
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always

293
CKUBU/openvpn/home-ckubu/easy-rsa/openssl-0.9.8.cnf Normal file
View File

@ -0,0 +1,293 @@
# For use with easy-rsa version 2.0
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
openssl_conf = openssl_init
[ openssl_init ]
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
engines = engine_section
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca' and 'req'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = $ENV::KEY_DIR # Where everything is kept
certs = $dir # Where the issued certs are kept
crl_dir = $dir # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir # default place for new certs.
certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha256 # which md to use.
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
####################################################################
[ req ]
default_bits = $ENV::KEY_SIZE
default_keyfile = privkey.pem
default_md = sha256
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString.
# utf8only: only UTF8Strings.
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
# so use this option with caution!
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = $ENV::KEY_COUNTRY
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = $ENV::KEY_PROVINCE
localityName = Locality Name (eg, city)
localityName_default = $ENV::KEY_CITY
0.organizationName = Organization Name (eg, company)
0.organizationName_default = $ENV::KEY_ORG
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
name = Name
name_max = 64
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
# JY -- added for batch mode
organizationalUnitName_default = $ENV::KEY_OU
commonName_default = $ENV::KEY_CN
name_default = $ENV::KEY_NAME
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "Easy-RSA Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=clientAuth
keyUsage = digitalSignature
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
subjectAltName=$ENV::KEY_ALTNAMES
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "Easy-RSA Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=serverAuth
keyUsage = digitalSignature, keyEncipherment
subjectAltName=$ENV::KEY_ALTNAMES
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
[ engine_section ]
#
# If you are using PKCS#11
# Install engine_pkcs11 of opensc (www.opensc.org)
# And uncomment the following
# verify that dynamic_path points to the correct location
#
#pkcs11 = pkcs11_section
[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /usr/lib/engines/engine_pkcs11.so
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
PIN = $ENV::PKCS11_PIN
init = 0

290
CKUBU/openvpn/home-ckubu/easy-rsa/openssl-1.0.0.cnf Normal file
View File

@ -0,0 +1,290 @@
# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
openssl_conf = openssl_init
[ openssl_init ]
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
engines = engine_section
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca' and 'req'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = $ENV::KEY_DIR # Where everything is kept
certs = $dir # Where the issued certs are kept
crl_dir = $dir # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir # default place for new certs.
certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext
#default_days = 3650 # how long to certify for
default_days = 11688
#default_crl_days= 30 # how long before next CRL
default_crl_days = 11688
default_md = sha256 # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
####################################################################
[ req ]
default_bits = $ENV::KEY_SIZE
default_keyfile = privkey.pem
default_md = sha256
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation after 2004).
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = $ENV::KEY_COUNTRY
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = $ENV::KEY_PROVINCE
localityName = Locality Name (eg, city)
localityName_default = $ENV::KEY_CITY
0.organizationName = Organization Name (eg, company)
0.organizationName_default = $ENV::KEY_ORG
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
name = Name
name_max = 64
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
# JY -- added for batch mode
organizationalUnitName_default = $ENV::KEY_OU
commonName_default = $ENV::KEY_CN
name_default = $ENV::KEY_NAME
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "Easy-RSA Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=clientAuth
keyUsage = digitalSignature
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
subjectAltName=$ENV::KEY_ALTNAMES
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "Easy-RSA Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=serverAuth
keyUsage = digitalSignature, keyEncipherment
subjectAltName=$ENV::KEY_ALTNAMES
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
[ engine_section ]
#
# If you are using PKCS#11
# Install engine_pkcs11 of opensc (www.opensc.org)
# And uncomment the following
# verify that dynamic_path points to the correct location
#
#pkcs11 = pkcs11_section
[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /usr/lib/engines/engine_pkcs11.so
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
PIN = $ENV::PKCS11_PIN
init = 0

288
CKUBU/openvpn/home-ckubu/easy-rsa/openssl-1.0.0.cnf.ORIG Normal file
View File

@ -0,0 +1,288 @@
# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
openssl_conf = openssl_init
[ openssl_init ]
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
engines = engine_section
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca' and 'req'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = $ENV::KEY_DIR # Where everything is kept
certs = $dir # Where the issued certs are kept
crl_dir = $dir # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir # default place for new certs.
certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha256 # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
name = optional
emailAddress = optional
####################################################################
[ req ]
default_bits = $ENV::KEY_SIZE
default_keyfile = privkey.pem
default_md = sha256
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation after 2004).
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = $ENV::KEY_COUNTRY
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = $ENV::KEY_PROVINCE
localityName = Locality Name (eg, city)
localityName_default = $ENV::KEY_CITY
0.organizationName = Organization Name (eg, company)
0.organizationName_default = $ENV::KEY_ORG
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
name = Name
name_max = 64
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
# JY -- added for batch mode
organizationalUnitName_default = $ENV::KEY_OU
commonName_default = $ENV::KEY_CN
name_default = $ENV::KEY_NAME
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "Easy-RSA Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=clientAuth
keyUsage = digitalSignature
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
subjectAltName=$ENV::KEY_ALTNAMES
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "Easy-RSA Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=serverAuth
keyUsage = digitalSignature, keyEncipherment
subjectAltName=$ENV::KEY_ALTNAMES
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
[ engine_section ]
#
# If you are using PKCS#11
# Install engine_pkcs11 of opensc (www.opensc.org)
# And uncomment the following
# verify that dynamic_path points to the correct location
#
#pkcs11 = pkcs11_section
[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /usr/lib/engines/engine_pkcs11.so
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
PIN = $ENV::PKCS11_PIN
init = 0

1
CKUBU/openvpn/home-ckubu/easy-rsa/openssl.cnf Symbolic link
View File

@ -0,0 +1 @@
/etc/openvpn/home-ckubu/easy-rsa/openssl-1.0.0.cnf

1
CKUBU/openvpn/home-ckubu/easy-rsa/pkitool Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/pkitool

1
CKUBU/openvpn/home-ckubu/easy-rsa/revoke-full Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/revoke-full

1
CKUBU/openvpn/home-ckubu/easy-rsa/sign-req Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/sign-req

96
CKUBU/openvpn/home-ckubu/easy-rsa/vars Normal file
View File

@ -0,0 +1,96 @@
# easy-rsa parameter settings
# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.
# This variable should point to
# the top level of the easy-rsa
# tree.
##export EASY_RSA="`pwd`"
export BASE_DIR="/etc/openvpn/home-ckubu"
export EASY_RSA="$BASE_DIR/easy-rsa"
#
# This variable should point to
# the requested executables
#
export OPENSSL="openssl"
export PKCS11TOOL="pkcs11-tool"
export GREP="grep"
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
##export KEY_DIR="$EASY_RSA/keys"
export KEY_DIR="$BASE_DIR/keys"
# Issue rm -rf warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
# PKCS11 fixes
export PKCS11_MODULE_PATH="dummy"
export PKCS11_PIN="dummy"
# Increase this to 2048 if you
# are paranoid. This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
##export KEY_SIZE=2048
export KEY_SIZE=4096
# In how many days should the root CA key expire?
##export CA_EXPIRE=3650
export CA_EXPIRE=11688
# In how many days should certificates expire?
##export KEY_EXPIRE=3650
export KEY_EXPIRE=7305
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
##export KEY_COUNTRY="US"
export KEY_COUNTRY="DE"
##export KEY_PROVINCE="CA"
export KEY_PROVINCE="Berlin"
##export KEY_CITY="SanFrancisco"
export KEY_CITY="Berlin"
##export KEY_ORG="Fort-Funston"
export KEY_ORG="O.OPEN"
##export KEY_EMAIL="me@myhost.mydomain"
export KEY_EMAIL="support@oopen.de"
##export KEY_OU="MyOrganizationalUnit"
export KEY_OU="Network Services"
# X509 Subject Field
##export KEY_NAME="EasyRSA"
export KEY_NAME="HOME-CKUBU"
# PKCS11 Smart Card
# export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
# export PKCS11_PIN=1234
# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
## export KEY_CN="CommonName"
export KEY_CN="HOME-CKUBU"
export KEY_ALTNAMES="HOME-CKUBU"

80
CKUBU/openvpn/home-ckubu/easy-rsa/vars.2017-08-09-1558 Normal file
View File

@ -0,0 +1,80 @@
# easy-rsa parameter settings
# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.
# This variable should point to
# the top level of the easy-rsa
# tree.
export EASY_RSA="`pwd`"
#
# This variable should point to
# the requested executables
#
export OPENSSL="openssl"
export PKCS11TOOL="pkcs11-tool"
export GREP="grep"
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR="$EASY_RSA/keys"
# Issue rm -rf warning
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
# PKCS11 fixes
export PKCS11_MODULE_PATH="dummy"
export PKCS11_PIN="dummy"
# Increase this to 2048 if you
# are paranoid. This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=2048
# In how many days should the root CA key expire?
export CA_EXPIRE=3650
# In how many days should certificates expire?
export KEY_EXPIRE=3650
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY="US"
export KEY_PROVINCE="CA"
export KEY_CITY="SanFrancisco"
export KEY_ORG="Fort-Funston"
export KEY_EMAIL="me@myhost.mydomain"
export KEY_OU="MyOrganizationalUnit"
# X509 Subject Field
export KEY_NAME="EasyRSA"
# PKCS11 Smart Card
# export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
# export PKCS11_PIN=1234
# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
# export KEY_CN="CommonName"

1
CKUBU/openvpn/home-ckubu/easy-rsa/whichopensslcnf Symbolic link
View File

@ -0,0 +1 @@
/usr/share/easy-rsa/whichopensslcnf

1
CKUBU/openvpn/home-ckubu/ipp.txt Normal file
View File

@ -0,0 +1 @@
HOME-CKUBU-chris,10.0.63.2

4
CKUBU/openvpn/home-ckubu/keys-created.txt Normal file
View File

@ -0,0 +1,4 @@
key...............: chris.key
common name.......: HOME-CKUBU-chris
password..........: dbddhkpuka.&EadGl15E.

142
CKUBU/openvpn/home-ckubu/keys/01.pem Normal file
View File

@ -0,0 +1,142 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
Validity
Not Before: Aug 9 15:50:41 2017 GMT
Not After : Aug 9 15:50:41 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU-server/name=HOME-CKUBU/emailAddress=support@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:d5:6c:90:c5:16:11:24:57:61:7d:60:5f:48:f6:
05:a7:41:e4:09:74:39:63:d5:2b:5e:44:74:20:e1:
ec:d0:57:6d:1e:eb:e5:d0:77:c3:aa:52:c5:00:6e:
de:69:7d:af:43:d2:c8:d7:fe:6c:38:a6:76:f5:8e:
8e:70:e9:63:b6:58:71:9a:2f:95:fc:1b:65:73:29:
47:b4:82:90:25:52:34:59:f9:b9:9b:1d:f5:e8:f7:
18:a1:08:86:8a:c9:65:15:ae:05:09:c6:cb:8c:eb:
e4:cc:01:d6:a1:82:54:58:d1:5e:75:cc:f0:7b:fe:
f7:04:92:72:62:0d:b7:7f:fd:b4:8b:f8:8e:08:ac:
57:da:6c:ab:e1:0d:73:a5:62:55:f6:98:89:a5:9f:
19:4f:6e:b5:17:03:7d:e7:78:b0:15:29:15:af:7d:
f7:57:00:ef:10:4a:15:7d:fc:8e:b8:4c:da:04:67:
12:6f:71:1f:99:c0:36:e5:cf:37:35:3d:ec:b1:08:
3f:32:c5:51:53:9c:61:02:cf:da:03:56:bc:76:0c:
c5:94:94:f4:bf:12:8e:5c:65:1f:3f:0b:8d:20:20:
ee:12:d4:63:6c:94:b6:d2:00:f1:8f:53:6f:db:fc:
71:d6:56:1d:27:ad:fc:cf:55:b1:d7:fa:68:4d:e6:
b1:91:8f:2d:d4:8b:f6:20:26:f1:d7:e5:99:a0:e3:
42:53:21:ca:f9:63:28:6b:e4:24:7f:ca:5d:33:03:
53:8a:71:94:e6:4b:dc:70:79:2f:1e:fd:80:ad:4e:
20:6a:52:ec:2d:7a:ca:04:44:62:cf:6e:b0:47:7f:
5d:d4:39:c3:3b:a6:c2:8e:31:1e:6b:f1:72:89:ce:
e6:d5:61:de:cd:bd:30:2b:2c:fe:db:07:8d:f5:2f:
1c:eb:13:47:f1:ba:3a:bc:16:59:2b:cc:f0:0d:90:
8e:63:cc:67:86:1f:13:94:87:97:11:c3:f5:44:85:
dc:c0:e3:14:b1:df:d3:0b:a5:77:34:45:c6:25:9a:
8f:f9:f3:5b:c5:c6:83:f2:ed:7c:35:f9:15:2e:5f:
72:17:0e:fa:3b:7e:31:2a:76:28:d9:2f:7d:28:98:
ee:f9:48:29:3e:dd:fb:99:d3:30:88:06:9a:b7:6a:
c7:37:a6:92:56:db:be:d1:64:de:6e:b6:15:20:f9:
56:59:a7:be:f0:a5:96:a4:e4:06:b1:3e:c1:df:11:
a9:88:c8:10:2d:5e:0e:53:08:29:0f:e5:a2:57:58:
bc:e9:bb:e1:64:71:50:35:5b:aa:b0:04:87:33:d4:
31:a6:da:3e:15:9f:d6:2c:c6:39:ac:f4:fe:e1:48:
81:a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
Easy-RSA Generated Server Certificate
X509v3 Subject Key Identifier:
E8:E1:ED:6A:13:1F:29:D0:15:EF:B3:C1:57:7D:2E:4C:49:E0:CB:FB
X509v3 Authority Key Identifier:
keyid:5D:A0:57:77:F9:C9:CD:DE:88:A9:BE:D0:FB:F0:FC:8A:19:B5:9D:F0
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
serial:92:45:C8:D4:6A:59:85:37
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Subject Alternative Name:
DNS:server
Signature Algorithm: sha256WithRSAEncryption
96:98:28:5d:5f:64:66:c6:43:92:11:90:81:6a:f3:da:30:ad:
f4:d9:3f:17:19:d1:98:4a:a0:78:d2:8a:1f:1f:9d:27:b8:b6:
44:bc:8d:a4:86:04:6a:a9:1a:a3:b8:00:f7:b7:19:be:06:65:
e1:20:be:d4:3e:79:9b:17:36:90:96:78:ac:8b:08:c9:e5:dc:
d6:68:7b:8b:67:88:42:d2:0b:24:96:5b:24:b4:ea:a5:10:be:
59:23:57:f7:ee:52:ce:2d:79:f0:9c:a6:e1:3a:de:fe:46:8b:
af:a1:80:2e:08:34:ab:59:55:02:22:39:63:6b:ff:4c:ca:fa:
ba:f8:43:86:a3:7c:95:bb:5e:e8:85:17:02:ce:4f:7a:17:c9:
71:0f:13:13:c7:5b:cf:22:92:6a:a4:7f:ae:67:b4:78:6e:6b:
1b:10:81:10:b7:a0:c4:c6:d2:3b:c2:b1:1e:3f:b1:0b:a0:fa:
8e:36:0b:55:8c:8a:b9:8e:fb:85:e5:48:b5:9f:00:c9:52:e3:
91:4c:e5:ba:05:03:55:4c:1c:d0:ea:c5:36:40:5b:36:b6:cc:
7e:b9:c1:57:12:9a:e6:7f:41:69:6f:7a:24:5c:b8:66:c0:b6:
91:09:50:bc:75:2a:eb:28:9b:0a:4e:cb:fc:47:65:f5:3d:75:
80:89:83:7e:50:95:fb:07:19:1a:e4:cd:fd:5e:ce:4b:89:4c:
24:0c:c9:be:67:03:9f:65:63:b2:3f:24:39:40:76:cb:6a:3b:
86:7c:7b:9a:b6:b1:fe:7c:51:5b:ec:91:ff:ad:ff:3c:9d:00:
70:3b:af:30:e3:78:56:55:a8:77:2d:95:f1:a0:fc:e1:2e:f3:
9b:b0:3c:bd:52:dc:1b:cd:99:83:37:bc:2d:03:e4:4a:ec:f0:
88:7c:48:33:2b:99:1e:78:bf:d0:30:4f:e2:0e:c7:04:13:52:
9d:cb:33:ee:b7:98:e0:8e:f2:64:20:64:71:d5:24:67:9c:a4:
52:e6:3a:de:bd:d1:1d:2b:d7:60:d7:3b:53:59:bf:33:60:47:
bd:26:9a:de:46:25:63:cf:77:f3:69:38:6d:d2:1c:37:a5:61:
6e:27:4e:52:6f:8b:11:4c:6c:ba:0e:b6:ad:c7:23:cf:0c:be:
c8:18:a9:7d:46:8c:6d:64:4e:d2:06:b0:9c:9c:6e:14:58:4a:
a5:32:36:a5:0c:58:94:d8:8f:d8:e7:5e:69:0b:3f:30:68:5e:
ea:b4:3f:7b:2a:20:7a:3b:b2:af:27:4f:3f:0d:fe:1a:5a:61:
ed:05:2d:6b:65:8e:bf:86:b0:1c:51:0a:14:35:e7:31:6e:c6:
fa:86:7c:d2:97:ae:73:e3
-----BEGIN CERTIFICATE-----
MIIHXDCCBUSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MDQxWhcNMzcwODA5MTU1MDQxWjCBrTELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGjAYBgNVBAMT
EUhPTUUtQ0tVQlUtc2VydmVyMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZI
hvcNAQkBFhBzdXBwb3J0QG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEA1WyQxRYRJFdhfWBfSPYFp0HkCXQ5Y9UrXkR0IOHs0FdtHuvl0HfD
qlLFAG7eaX2vQ9LI1/5sOKZ29Y6OcOljtlhxmi+V/BtlcylHtIKQJVI0Wfm5mx31
6PcYoQiGisllFa4FCcbLjOvkzAHWoYJUWNFedczwe/73BJJyYg23f/20i/iOCKxX
2myr4Q1zpWJV9piJpZ8ZT261FwN953iwFSkVr333VwDvEEoVffyOuEzaBGcSb3Ef
mcA25c83NT3ssQg/MsVRU5xhAs/aA1a8dgzFlJT0vxKOXGUfPwuNICDuEtRjbJS2
0gDxj1Nv2/xx1lYdJ638z1Wx1/poTeaxkY8t1Iv2ICbx1+WZoONCUyHK+WMoa+Qk
f8pdMwNTinGU5kvccHkvHv2ArU4galLsLXrKBERiz26wR39d1DnDO6bCjjEea/Fy
ic7m1WHezb0wKyz+2weN9S8c6xNH8bo6vBZZK8zwDZCOY8xnhh8TlIeXEcP1RIXc
wOMUsd/TC6V3NEXGJZqP+fNbxcaD8u18NfkVLl9yFw76O34xKnYo2S99KJju+Ugp
Pt37mdMwiAaat2rHN6aSVtu+0WTebrYVIPlWWae+8KWWpOQGsT7B3xGpiMgQLV4O
UwgpD+WiV1i86bvhZHFQNVuqsASHM9Qxpto+FZ/WLMY5rPT+4UiBpS0CAwEAAaOC
AYowggGGMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDQGCWCGSAGG+EIB
DQQnFiVFYXN5LVJTQSBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1Ud
DgQWBBTo4e1qEx8p0BXvs8FXfS5MSeDL+zCB2wYDVR0jBIHTMIHQgBRdoFd3+cnN
3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJl
cmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsT
EE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tVQlUxEzARBgNVBCkT
CkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAb29wZW4uZGWCCQCS
RcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwEQYDVR0R
BAowCIIGc2VydmVyMA0GCSqGSIb3DQEBCwUAA4ICAQCWmChdX2RmxkOSEZCBavPa
MK302T8XGdGYSqB40oofH50nuLZEvI2khgRqqRqjuAD3txm+BmXhIL7UPnmbFzaQ
lnisiwjJ5dzWaHuLZ4hC0gskllsktOqlEL5ZI1f37lLOLXnwnKbhOt7+RouvoYAu
CDSrWVUCIjlja/9Myvq6+EOGo3yVu17ohRcCzk96F8lxDxMTx1vPIpJqpH+uZ7R4
bmsbEIEQt6DExtI7wrEeP7ELoPqONgtVjIq5jvuF5Ui1nwDJUuORTOW6BQNVTBzQ
6sU2QFs2tsx+ucFXEprmf0Fpb3okXLhmwLaRCVC8dSrrKJsKTsv8R2X1PXWAiYN+
UJX7Bxka5M39Xs5LiUwkDMm+ZwOfZWOyPyQ5QHbLajuGfHuatrH+fFFb7JH/rf88
nQBwO68w43hWVah3LZXxoPzhLvObsDy9UtwbzZmDN7wtA+RK7PCIfEgzK5keeL/Q
ME/iDscEE1KdyzPut5jgjvJkIGRx1SRnnKRS5jrevdEdK9dg1ztTWb8zYEe9Jpre
RiVjz3fzaTht0hw3pWFuJ05Sb4sRTGy6DratxyPPDL7IGKl9RoxtZE7SBrCcnG4U
WEqlMjalDFiU2I/Y515pCz8waF7qtD97KiB6O7KvJ08/Df4aWmHtBS1rZY6/hrAc
UQoUNecxbsb6hnzSl65z4w==
-----END CERTIFICATE-----

139
CKUBU/openvpn/home-ckubu/keys/02.pem Normal file
View File

@ -0,0 +1,139 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
Validity
Not Before: Aug 9 15:53:25 2017 GMT
Not After : Aug 9 15:53:25 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU-chris/name=HOME-CKUBU/emailAddress=support@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:c0:e4:3a:c6:c4:a3:ab:20:39:06:e9:b3:78:d6:
48:62:91:39:d5:11:69:a0:df:9a:85:03:53:a4:6d:
ec:d5:83:c7:b4:b6:e8:40:84:3a:a1:ba:05:94:6d:
b2:89:02:3f:ca:23:04:12:d7:3f:fc:c8:d7:e4:6f:
91:8a:34:42:58:0a:75:2f:ba:f9:f1:73:f0:0a:27:
57:39:0e:b8:a3:79:19:b9:3c:7c:97:b3:bb:27:44:
59:be:10:e0:79:1b:e7:33:72:de:49:11:f4:d4:91:
5b:1f:b5:26:5b:a0:b8:50:f8:61:12:34:1e:03:26:
3e:dc:65:7e:44:6f:70:90:42:6e:b4:6b:87:01:33:
31:1a:af:d5:bb:2f:25:81:40:41:dc:b9:8d:e8:23:
ab:3f:47:d8:3b:d9:01:89:68:d4:16:26:49:41:4f:
84:ce:72:7c:f7:9e:fb:39:fd:26:2f:bf:15:6c:ca:
4a:83:0f:c8:a2:f5:2c:ea:03:7c:ee:bc:1a:13:50:
71:5a:c3:b6:1f:a0:19:1c:95:0e:73:89:5d:22:35:
85:17:6f:dd:fb:0c:0a:db:be:78:4d:6c:3c:5b:f4:
48:c1:0a:62:71:67:c5:21:af:25:48:c8:b9:d2:be:
d2:e0:6a:bd:c8:fd:e1:c5:78:91:21:c7:07:61:98:
db:98:47:5b:4b:2a:39:15:2c:56:fa:ad:35:99:8a:
2c:d1:51:25:27:89:d3:47:5d:bb:b5:2b:f1:5b:3a:
cb:ab:77:76:51:2c:cb:6d:64:d4:dc:d6:43:5d:5f:
2d:c9:0d:44:e8:cb:da:d9:39:4a:68:45:b7:d8:d5:
49:c2:34:dd:ad:58:d0:7e:53:ac:18:80:05:27:57:
56:d9:85:69:d4:75:7d:6c:b4:ff:7a:1b:79:08:8d:
f7:f5:2e:f7:dc:85:e7:af:81:a2:c3:34:50:c0:b6:
04:70:62:36:b0:3f:fb:97:77:26:e6:40:02:0e:e9:
44:2b:8c:b7:c0:db:de:7c:b0:61:0a:5a:b0:75:3e:
0c:bc:92:6b:d7:13:7c:46:6a:33:43:4c:fd:d4:34:
52:09:b1:ce:bf:9c:4e:c3:68:0f:15:4e:e5:56:d3:
2a:60:35:2c:12:ba:f2:38:1c:99:db:c5:5f:58:0c:
2a:33:a2:33:95:8c:de:08:0b:2a:83:b4:16:9b:29:
bb:99:e8:2d:a5:be:b3:2c:28:ca:ef:51:39:1d:55:
e8:b9:60:91:0b:1c:7e:9f:a9:3d:16:be:0b:7e:62:
31:a6:bb:d2:ee:1b:8e:2f:da:52:96:ab:0d:28:c6:
c9:e7:84:49:5c:98:cc:ae:8a:6a:d6:89:61:f4:16:
c7:e5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
99:DD:A2:B9:F8:3A:D0:23:A2:6A:77:F4:6B:F3:97:49:DB:93:1E:7F
X509v3 Authority Key Identifier:
keyid:5D:A0:57:77:F9:C9:CD:DE:88:A9:BE:D0:FB:F0:FC:8A:19:B5:9D:F0
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
serial:92:45:C8:D4:6A:59:85:37
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:chris
Signature Algorithm: sha256WithRSAEncryption
a8:7c:76:86:8b:02:dc:9d:9b:b3:c4:70:2e:d0:00:fe:54:73:
74:cd:a8:2a:5f:34:20:c0:a5:f8:cb:a6:5e:eb:74:aa:e0:02:
79:9e:57:d9:10:dc:85:6a:00:07:b2:97:6b:ee:72:d1:1b:72:
c5:fc:fe:83:58:10:91:6e:50:8c:0d:7f:89:85:0d:da:75:21:
fa:bc:fe:27:82:c3:62:8b:0d:4d:f3:60:7f:2c:29:00:d3:64:
7c:13:c3:ac:6e:5e:87:2e:55:0e:66:73:0c:23:3f:b1:11:99:
85:d4:9e:79:c7:00:e8:12:be:38:17:04:1b:4d:57:cb:40:60:
60:8b:0e:48:c6:bd:c5:19:d2:83:55:06:00:31:5e:87:b0:86:
67:7e:d4:ea:33:af:d2:34:60:7d:44:84:40:c4:09:54:db:8a:
f6:f4:4a:8f:b6:65:b1:23:98:e5:e1:4a:52:5d:81:d8:b6:30:
ef:7a:76:c1:0e:b8:c8:c7:28:c5:53:a8:18:4c:36:d0:4e:1d:
7b:43:6d:f6:42:d8:dc:33:3b:94:5c:01:5f:45:79:69:07:8f:
aa:1a:58:81:25:ed:14:e2:c3:9d:a0:31:3c:a0:6f:1e:9e:cd:
94:ff:d9:f2:aa:ed:3a:d8:f1:fb:91:58:b9:90:ef:bf:93:c0:
89:13:da:8c:ab:ec:38:c9:f6:cf:a4:63:70:14:ed:72:80:64:
74:d4:6e:11:a5:a8:ab:16:52:25:7f:df:ee:5f:4b:5b:ff:e2:
18:ed:b8:00:37:24:f3:93:a0:17:04:9f:d6:00:47:67:63:6a:
f6:08:44:cf:36:61:b4:41:c8:7b:eb:25:99:02:12:77:ce:b3:
9e:d6:bf:95:d9:18:a2:ca:27:8a:61:d6:29:13:fa:52:c1:55:
cc:d9:54:1d:78:12:5c:fa:57:3d:3f:08:79:53:d9:0e:bf:32:
d1:0d:a4:bc:89:a2:9e:ae:54:24:e6:a4:88:8a:71:f1:7e:92:
e4:77:fd:ff:29:75:73:b3:19:cd:67:3b:04:f7:83:be:40:f8:
3e:f4:9d:66:97:50:b6:54:06:54:4a:27:71:59:0a:8f:84:73:
1e:f7:61:18:54:f3:67:eb:0c:bf:7e:8d:88:b0:ba:2f:08:7c:
38:e6:01:02:2a:16:2b:dc:1d:82:e2:cd:9b:69:26:1a:ea:6b:
ba:06:ec:c6:3c:d2:57:ec:1d:33:e7:51:4f:e3:91:d4:41:60:
1c:c6:93:7c:ab:15:7a:44:28:dd:64:eb:55:d5:93:72:2f:f6:
50:c0:fc:e6:bd:fd:0f:39:79:29:a3:f1:ae:3d:65:0f:86:2e:
c4:da:3b:1e:de:06:2f:23
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MzI1WhcNMzcwODA5MTU1MzI1WjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMT
EEhPTUUtQ0tVQlUtY2hyaXMxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG
9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDA5DrGxKOrIDkG6bN41khikTnVEWmg35qFA1OkbezVg8e0tuhAhDqh
ugWUbbKJAj/KIwQS1z/8yNfkb5GKNEJYCnUvuvnxc/AKJ1c5DrijeRm5PHyXs7sn
RFm+EOB5G+czct5JEfTUkVsftSZboLhQ+GESNB4DJj7cZX5Eb3CQQm60a4cBMzEa
r9W7LyWBQEHcuY3oI6s/R9g72QGJaNQWJklBT4TOcnz3nvs5/SYvvxVsykqDD8ii
9SzqA3zuvBoTUHFaw7YfoBkclQ5ziV0iNYUXb937DArbvnhNbDxb9EjBCmJxZ8Uh
ryVIyLnSvtLgar3I/eHFeJEhxwdhmNuYR1tLKjkVLFb6rTWZiizRUSUnidNHXbu1
K/FbOsurd3ZRLMttZNTc1kNdXy3JDUToy9rZOUpoRbfY1UnCNN2tWNB+U6wYgAUn
V1bZhWnUdX1stP96G3kIjff1LvfcheevgaLDNFDAtgRwYjawP/uXdybmQAIO6UQr
jLfA2958sGEKWrB1Pgy8kmvXE3xGajNDTP3UNFIJsc6/nE7DaA8VTuVW0ypgNSwS
uvI4HJnbxV9YDCozojOVjN4ICyqDtBabKbuZ6C2lvrMsKMrvUTkdVei5YJELHH6f
qT0Wvgt+YjGmu9LuG44v2lKWqw0oxsnnhElcmMyuimrWiWH0FsflJQIDAQABo4IB
bzCCAWswCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZ3aK5+DrQI6Jqd/Rr85dJ25MefzCB
2wYDVR0jBIHTMIHQgBRdoFd3+cnN3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMT
CkhPTUUtQ0tVQlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEW
EHN1cHBvcnRAb29wZW4uZGWCCQCSRcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcD
AjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkwB4IFY2hyaXMwDQYJKoZIhvcNAQELBQAD
ggIBAKh8doaLAtydm7PEcC7QAP5Uc3TNqCpfNCDApfjLpl7rdKrgAnmeV9kQ3IVq
AAeyl2vuctEbcsX8/oNYEJFuUIwNf4mFDdp1Ifq8/ieCw2KLDU3zYH8sKQDTZHwT
w6xuXocuVQ5mcwwjP7ERmYXUnnnHAOgSvjgXBBtNV8tAYGCLDkjGvcUZ0oNVBgAx
Xoewhmd+1Oozr9I0YH1EhEDECVTbivb0So+2ZbEjmOXhSlJdgdi2MO96dsEOuMjH
KMVTqBhMNtBOHXtDbfZC2NwzO5RcAV9FeWkHj6oaWIEl7RTiw52gMTygbx6ezZT/
2fKq7TrY8fuRWLmQ77+TwIkT2oyr7DjJ9s+kY3AU7XKAZHTUbhGlqKsWUiV/3+5f
S1v/4hjtuAA3JPOToBcEn9YAR2djavYIRM82YbRByHvrJZkCEnfOs57Wv5XZGKLK
J4ph1ikT+lLBVczZVB14Elz6Vz0/CHlT2Q6/MtENpLyJop6uVCTmpIiKcfF+kuR3
/f8pdXOzGc1nOwT3g75A+D70nWaXULZUBlRKJ3FZCo+Ecx73YRhU82frDL9+jYiw
ui8IfDjmAQIqFivcHYLizZtpJhrqa7oG7MY80lfsHTPnUU/jkdRBYBzGk3yrFXpE
KN1k61XVk3Iv9lDA/Oa9/Q85eSmj8a49ZQ+GLsTaOx7eBi8j
-----END CERTIFICATE-----

39
CKUBU/openvpn/home-ckubu/keys/ca.crt Normal file
View File

@ -0,0 +1,39 @@
-----BEGIN CERTIFICATE-----
MIIG4jCCBMqgAwIBAgIJAJJFyNRqWYU3MA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczETMBEGA1UEAxMK
SE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqGSIb3DQEJARYQ
c3VwcG9ydEBvb3Blbi5kZTAeFw0xNzA4MDkxNDAxNDRaFw00OTA4MDkxNDAxNDRa
MIGmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJs
aW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczET
MBEGA1UEAxMKSE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqG
SIb3DQEJARYQc3VwcG9ydEBvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBALae3zg7UYlmziw+LCYVg65H+lKNOcj/JArsL2MOnYEcmrePLI4e
GWRppLVpxKeG9kIpfVglfqRDdEY9eOFguJs+MsKwwRi2LzY1rCjDazCjTnQ0L0Zj
1RqJT1LqaEkzLv0cAWxza67K/n6vMaXxQ59jNAW/bOik1SogHiwrT78f2e+Zu3K8
tqkuuDwtwbU0jzL+m+IuHNVl1CTcAIZRmFbdxpWfi5pocrbOIlCwXbUP8ltp/E/t
xLKQqBP3ccgFwPuCGZBymUcpRdMgiDwifYnZK3H4STLSDN4b6K1PclKh46QuxDv2
egap+vctIKJRLguAPqRVjSoYK5UXUcZC+R6t8rHvxDGLwvk3IPeEI9z5bCvnm8cw
0e4/dr1EDjtwHXtw8X6DDf2biNmq4edCRxrgyQKwSOAsC4MhzFNPM112N1nJNrpR
nXNCKRNGF4MdI/zFqRLraafk0eT6yP9/6lmoQDJsjhUH/ziOB+cPS4XmUI/XwMF5
c56mD49gdG4ZivDtJeGcdZ4TSbD/lvc3yI1ECgouFPcBAJHwendA29xYMmuj4oCP
stW7N8HARZWzfwIdbB/HHupHIZ1HV4ACY0H7Sju6SMFxWi09dl92BYG9rhMW/M6A
+k7WxW0IEqZyQgen3fTRw97GJXaLM+anwwl89c6trOaME1ql/w91lAInAgMBAAGj
ggEPMIIBCzAdBgNVHQ4EFgQUXaBXd/nJzd6Iqb7Q+/D8ihm1nfAwgdsGA1UdIwSB
0zCB0IAUXaBXd/nJzd6Iqb7Q+/D8ihm1nfChgaykgakwgaYxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5P
UEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRMwEQYDVQQDEwpIT01FLUNL
VUJVMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0
QG9vcGVuLmRlggkAkkXI1GpZhTcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF
AAOCAgEAquNynEChfqP/lTY48YE3xhDycq0YF0WimD5NzKPgrCIP/1x3lyufzoiz
8DrqVZ61LKdJUJMcWRmyqiXS3WZFX9X7ktZvmf37E7JUvorSuF21PMm9Oj0yUsUX
y0AFUiH3fpNhCMxYiCqS85wWBy1+/6np1RodihGTPcLwAGLIVGEklyffyamQ2i2E
TZwZrZJrmLyzsdn4PT3vJyfAUUbcpgf32zjEZCCozlSdisZi8cn2pL7y1pcXA5Oi
gvLhDNntYTKcE1JjWqa/989JJgvvYD2fgCo+DkPw6i/Dic0UAZypHLKqiCc4f3Pc
GqtaY7nxQjMSGVnMjEn2yzyFtXep4lXn16Nh8ZnGbEk3dqCIBS2xzjcUs6YRdyMb
b2JIflNuI4Wrqx5CTyMM7lSNapZRPiP7Qw4xyq+og1TABJuc+9A3Pj/R/oztoHim
9p1zCM4m3tEBUCkYxet87BojVn4MQ37pees1Xi4oAFHqU5mCwpakO6rVOt4Y4vyZ
K4eF0w3NoRl+z4tbDFh+RjUj5tChKcMxaSitCsD0GGvd0nlO550tbxjMZlchpLhP
xG+rcU6098AdwAIjESyYfowVhHT+BDTefXphSYMz0ImaiBzbGwEmpce7sD1bYFSn
Wer/Kh24vsIIxcO2PNEKvQbO/I7YD4Yjk4pVGTUgD54LLX7k+7U=
-----END CERTIFICATE-----

52
CKUBU/openvpn/home-ckubu/keys/ca.key Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC2nt84O1GJZs4s
PiwmFYOuR/pSjTnI/yQK7C9jDp2BHJq3jyyOHhlkaaS1acSnhvZCKX1YJX6kQ3RG
PXjhYLibPjLCsMEYti82Nawow2swo050NC9GY9UaiU9S6mhJMy79HAFsc2uuyv5+
rzGl8UOfYzQFv2zopNUqIB4sK0+/H9nvmbtyvLapLrg8LcG1NI8y/pviLhzVZdQk
3ACGUZhW3caVn4uaaHK2ziJQsF21D/JbafxP7cSykKgT93HIBcD7ghmQcplHKUXT
IIg8In2J2Stx+Eky0gzeG+itT3JSoeOkLsQ79noGqfr3LSCiUS4LgD6kVY0qGCuV
F1HGQvkerfKx78Qxi8L5NyD3hCPc+Wwr55vHMNHuP3a9RA47cB17cPF+gw39m4jZ
quHnQkca4MkCsEjgLAuDIcxTTzNddjdZyTa6UZ1zQikTRheDHSP8xakS62mn5NHk
+sj/f+pZqEAybI4VB/84jgfnD0uF5lCP18DBeXOepg+PYHRuGYrw7SXhnHWeE0mw
/5b3N8iNRAoKLhT3AQCR8Hp3QNvcWDJro+KAj7LVuzfBwEWVs38CHWwfxx7qRyGd
R1eAAmNB+0o7ukjBcVotPXZfdgWBva4TFvzOgPpO1sVtCBKmckIHp9300cPexiV2
izPmp8MJfPXOrazmjBNapf8PdZQCJwIDAQABAoICAASeBbTNQyV/NO1HcSRRXO/2
H+0gZvqfANFJ4XTWtMLD72F+vDinqCqyxRhVIUS/E9Deba3h3M7YacMw4LKKGIDM
VMo5X9h5Gr57Iuww7K/hISWtABj+gy/VkuzcwmA/bAu4Poz4ahuURFT9pvq0G+qW
voT6rw0+xaj4AOtK+QwzCPaW43dmMBQc+0mCOqiTOJ+oclaIpe/7UB7SdSzwOTLR
DqlPzF7OD0Bx+8oge24Nhiorhtaag2OkZquCkRzmkFeLlYviad+zunE5HFiw4o2u
sPuDtI4VY3/mIr7nCFPwhenryMhfVfx/JbpEKNQRy2E9D9hl1VjgHZH6cfXaUaQa
7gRjlL4/UA7gZLQlpe8JhVYz4sNOCsxopyjpAnfoFegfb20Dxu8vzGQ3vhzqKhKA
gfFuVX+yZL5DdrWCcpXMJIdZyN/A0G/SnKfCLUQ86MMajnzG2AbI5IumSXRFm1rN
A9KmdHqTD0/tS3DNdNo4lfcRVUXbM4H328rdj1Mq09IJN6xtNPEHbDit3Q+/7E+I
bFAGLmxXtR87FjY/N7TW1SgZUM3UY6ASJ10QFMyrJrVVHhdnKLs3cIpGz40TsSaf
5l0aSXGqAprIGkNExxpwztdO2QsCZaNpg3NzzwCSnofweqlRfaRsPAriiNoA6K06
Yvp3kIB3038+502k955JAoIBAQDyvXB/1xMxUQOAI9X/ltVR+jDIETNVKOUFicDf
CMsQV3In23N9SKEUEpucgbsLJvN04kKOIZKE6E9J9a/J9ftaZJSyg0Ge+/rKK8c0
K6w891I08dowYtw42X3U24HvJv9U9AP/OGTQv6DzM2TJqCCYK8BxymWsBcMxd8dR
jhoIjuxv/H+osg8tXsS/2eHuwyNf0qkh/ln7kgdzVHgu5hB34LVe8Cu7/eSMwlcF
+yYQJsqBwV9aA1ozK8UairULyZifoRTBfvETYRiwEqn9AkYwj8gA7MaAOb2TUFec
XNRSpR3g8gv2JsvN6XiwSxnl9QePWFTErV8FONT4eXLbUHfrAoIBAQDAmLOsATrF
nkVdcifMOX8CYrqCbJNst1Wh0FEv0OxZUEcvgm4F7u0tw8wEb9RrMVrHcuNQ0nrv
1lECyuazuny5W+LbphoKM174JbfHmtHACg6hJ8w5IDC5g9Q/jtpA8kG0EfzyBuQL
FH1mtUkf1wwX4wxgz7SQgF7gATDAinID2qrgFYHzjXK5OsgVcl3mmQqbyBKkMqaU
bGM28FWtFNdhUvVin/ZmaGU9/uKMRa9z2ye4zR+2Kd92aXOLOUQ0hJnmjfXlZFFN
F2TH78eK4G/wanEj6b0BHZqCg012dGj4WttoRvBnl9WnXGrXFnKRfzGA0WjU6yGC
OV8lewV2sGu1AoIBAHXxK89BzjaBGYVSZDEqtX1+ZeNf0CRJmXWmaAs2d4v6ISJS
k3vFJVbeb7OMqTgS9enN4e6zS0C+q3/RG1ey6C0Uf9d4xRKddk5zFPg5XBfHR68n
8A7gigYpTuV0vl5YAWniomqImRuAcJCaYRdGVIf7gicH43zA1AWeID91HxsXbrQ+
6DwsQAmYaVqaYBelwvNVJQ66SjhczLfxy+9lo4zLpvR5F5bhFwJ5jtT+IZFpd62y
KkVPKa2BT+TEjpEqo7i0CKS3rCTxYZBzkRq41yfTRKeGZDB7XaxNNjRoOlXpmmno
0X0Jfq8PCLAH3Y6JDuJMVeu2HVwpL/mG8RK0t38CggEBAIhPi1rBxAb57b4lfWVd
jDb0CW0ly3G2kDTma4+cHqtX1goaFiS85cDuQwcg3wa+97ER7zDUx43X8Z44XO/3
nS7TicxL00JE+YJHr7rmKG3ysEf/EtubnOCwHRie0noE+9umn4/ssJnm9poq1IZk
fXqqh6g9WV6sfHmuXgLn+aogqa/PiRoHkprmr5X+S9dZmdiH0inEb4G89Lt9fiXy
Cj4nqOUUsh/o4z7tlwoQiA1HnuV8yGT1XeNA3zY6YbuJ3iL/dnnUdnZJiFq5qlDw
aEmQDGOOmuafPSwCImEkIucj5wX2r0+iduTs0/FHQe8YRsEVdUy83gp88Ipmd4d5
dcECggEBAOwamiapuqbq5pG35i6ratzhsOO29siwSgzcHZJNJ2y2vhOeaovnckKb
HCPoBx4s+g3f0HqtRL4LqriprpAoDm9S8w+rUxYdSBsRG11c2A5M6pSDlMaSj9Q/
rSX7js4CBiCnU9d5zVx3hpV2tC3Hbwv7p6qZHjMZCWIhbdAgnCmJInPJ3a/dnFLR
x3gbHFpJogaVdqj+wMl8KPBTpxynXacRhrmL0vTSluTR/JNBI9lzHjUTkIWAL7fu
y3TpsfLzzFOx64984sCWjjD8f0x0WnLxs6pn2n+OFSlEiRAtd+enek9dWR2mn7Bl
fcz/AV/tpNScYj3viev/6L6UZt6LKss=
-----END PRIVATE KEY-----

139
CKUBU/openvpn/home-ckubu/keys/chris.crt Normal file
View File

@ -0,0 +1,139 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
Validity
Not Before: Aug 9 15:53:25 2017 GMT
Not After : Aug 9 15:53:25 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU-chris/name=HOME-CKUBU/emailAddress=support@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:c0:e4:3a:c6:c4:a3:ab:20:39:06:e9:b3:78:d6:
48:62:91:39:d5:11:69:a0:df:9a:85:03:53:a4:6d:
ec:d5:83:c7:b4:b6:e8:40:84:3a:a1:ba:05:94:6d:
b2:89:02:3f:ca:23:04:12:d7:3f:fc:c8:d7:e4:6f:
91:8a:34:42:58:0a:75:2f:ba:f9:f1:73:f0:0a:27:
57:39:0e:b8:a3:79:19:b9:3c:7c:97:b3:bb:27:44:
59:be:10:e0:79:1b:e7:33:72:de:49:11:f4:d4:91:
5b:1f:b5:26:5b:a0:b8:50:f8:61:12:34:1e:03:26:
3e:dc:65:7e:44:6f:70:90:42:6e:b4:6b:87:01:33:
31:1a:af:d5:bb:2f:25:81:40:41:dc:b9:8d:e8:23:
ab:3f:47:d8:3b:d9:01:89:68:d4:16:26:49:41:4f:
84:ce:72:7c:f7:9e:fb:39:fd:26:2f:bf:15:6c:ca:
4a:83:0f:c8:a2:f5:2c:ea:03:7c:ee:bc:1a:13:50:
71:5a:c3:b6:1f:a0:19:1c:95:0e:73:89:5d:22:35:
85:17:6f:dd:fb:0c:0a:db:be:78:4d:6c:3c:5b:f4:
48:c1:0a:62:71:67:c5:21:af:25:48:c8:b9:d2:be:
d2:e0:6a:bd:c8:fd:e1:c5:78:91:21:c7:07:61:98:
db:98:47:5b:4b:2a:39:15:2c:56:fa:ad:35:99:8a:
2c:d1:51:25:27:89:d3:47:5d:bb:b5:2b:f1:5b:3a:
cb:ab:77:76:51:2c:cb:6d:64:d4:dc:d6:43:5d:5f:
2d:c9:0d:44:e8:cb:da:d9:39:4a:68:45:b7:d8:d5:
49:c2:34:dd:ad:58:d0:7e:53:ac:18:80:05:27:57:
56:d9:85:69:d4:75:7d:6c:b4:ff:7a:1b:79:08:8d:
f7:f5:2e:f7:dc:85:e7:af:81:a2:c3:34:50:c0:b6:
04:70:62:36:b0:3f:fb:97:77:26:e6:40:02:0e:e9:
44:2b:8c:b7:c0:db:de:7c:b0:61:0a:5a:b0:75:3e:
0c:bc:92:6b:d7:13:7c:46:6a:33:43:4c:fd:d4:34:
52:09:b1:ce:bf:9c:4e:c3:68:0f:15:4e:e5:56:d3:
2a:60:35:2c:12:ba:f2:38:1c:99:db:c5:5f:58:0c:
2a:33:a2:33:95:8c:de:08:0b:2a:83:b4:16:9b:29:
bb:99:e8:2d:a5:be:b3:2c:28:ca:ef:51:39:1d:55:
e8:b9:60:91:0b:1c:7e:9f:a9:3d:16:be:0b:7e:62:
31:a6:bb:d2:ee:1b:8e:2f:da:52:96:ab:0d:28:c6:
c9:e7:84:49:5c:98:cc:ae:8a:6a:d6:89:61:f4:16:
c7:e5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
99:DD:A2:B9:F8:3A:D0:23:A2:6A:77:F4:6B:F3:97:49:DB:93:1E:7F
X509v3 Authority Key Identifier:
keyid:5D:A0:57:77:F9:C9:CD:DE:88:A9:BE:D0:FB:F0:FC:8A:19:B5:9D:F0
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
serial:92:45:C8:D4:6A:59:85:37
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:chris
Signature Algorithm: sha256WithRSAEncryption
a8:7c:76:86:8b:02:dc:9d:9b:b3:c4:70:2e:d0:00:fe:54:73:
74:cd:a8:2a:5f:34:20:c0:a5:f8:cb:a6:5e:eb:74:aa:e0:02:
79:9e:57:d9:10:dc:85:6a:00:07:b2:97:6b:ee:72:d1:1b:72:
c5:fc:fe:83:58:10:91:6e:50:8c:0d:7f:89:85:0d:da:75:21:
fa:bc:fe:27:82:c3:62:8b:0d:4d:f3:60:7f:2c:29:00:d3:64:
7c:13:c3:ac:6e:5e:87:2e:55:0e:66:73:0c:23:3f:b1:11:99:
85:d4:9e:79:c7:00:e8:12:be:38:17:04:1b:4d:57:cb:40:60:
60:8b:0e:48:c6:bd:c5:19:d2:83:55:06:00:31:5e:87:b0:86:
67:7e:d4:ea:33:af:d2:34:60:7d:44:84:40:c4:09:54:db:8a:
f6:f4:4a:8f:b6:65:b1:23:98:e5:e1:4a:52:5d:81:d8:b6:30:
ef:7a:76:c1:0e:b8:c8:c7:28:c5:53:a8:18:4c:36:d0:4e:1d:
7b:43:6d:f6:42:d8:dc:33:3b:94:5c:01:5f:45:79:69:07:8f:
aa:1a:58:81:25:ed:14:e2:c3:9d:a0:31:3c:a0:6f:1e:9e:cd:
94:ff:d9:f2:aa:ed:3a:d8:f1:fb:91:58:b9:90:ef:bf:93:c0:
89:13:da:8c:ab:ec:38:c9:f6:cf:a4:63:70:14:ed:72:80:64:
74:d4:6e:11:a5:a8:ab:16:52:25:7f:df:ee:5f:4b:5b:ff:e2:
18:ed:b8:00:37:24:f3:93:a0:17:04:9f:d6:00:47:67:63:6a:
f6:08:44:cf:36:61:b4:41:c8:7b:eb:25:99:02:12:77:ce:b3:
9e:d6:bf:95:d9:18:a2:ca:27:8a:61:d6:29:13:fa:52:c1:55:
cc:d9:54:1d:78:12:5c:fa:57:3d:3f:08:79:53:d9:0e:bf:32:
d1:0d:a4:bc:89:a2:9e:ae:54:24:e6:a4:88:8a:71:f1:7e:92:
e4:77:fd:ff:29:75:73:b3:19:cd:67:3b:04:f7:83:be:40:f8:
3e:f4:9d:66:97:50:b6:54:06:54:4a:27:71:59:0a:8f:84:73:
1e:f7:61:18:54:f3:67:eb:0c:bf:7e:8d:88:b0:ba:2f:08:7c:
38:e6:01:02:2a:16:2b:dc:1d:82:e2:cd:9b:69:26:1a:ea:6b:
ba:06:ec:c6:3c:d2:57:ec:1d:33:e7:51:4f:e3:91:d4:41:60:
1c:c6:93:7c:ab:15:7a:44:28:dd:64:eb:55:d5:93:72:2f:f6:
50:c0:fc:e6:bd:fd:0f:39:79:29:a3:f1:ae:3d:65:0f:86:2e:
c4:da:3b:1e:de:06:2f:23
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MzI1WhcNMzcwODA5MTU1MzI1WjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMT
EEhPTUUtQ0tVQlUtY2hyaXMxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG
9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDA5DrGxKOrIDkG6bN41khikTnVEWmg35qFA1OkbezVg8e0tuhAhDqh
ugWUbbKJAj/KIwQS1z/8yNfkb5GKNEJYCnUvuvnxc/AKJ1c5DrijeRm5PHyXs7sn
RFm+EOB5G+czct5JEfTUkVsftSZboLhQ+GESNB4DJj7cZX5Eb3CQQm60a4cBMzEa
r9W7LyWBQEHcuY3oI6s/R9g72QGJaNQWJklBT4TOcnz3nvs5/SYvvxVsykqDD8ii
9SzqA3zuvBoTUHFaw7YfoBkclQ5ziV0iNYUXb937DArbvnhNbDxb9EjBCmJxZ8Uh
ryVIyLnSvtLgar3I/eHFeJEhxwdhmNuYR1tLKjkVLFb6rTWZiizRUSUnidNHXbu1
K/FbOsurd3ZRLMttZNTc1kNdXy3JDUToy9rZOUpoRbfY1UnCNN2tWNB+U6wYgAUn
V1bZhWnUdX1stP96G3kIjff1LvfcheevgaLDNFDAtgRwYjawP/uXdybmQAIO6UQr
jLfA2958sGEKWrB1Pgy8kmvXE3xGajNDTP3UNFIJsc6/nE7DaA8VTuVW0ypgNSwS
uvI4HJnbxV9YDCozojOVjN4ICyqDtBabKbuZ6C2lvrMsKMrvUTkdVei5YJELHH6f
qT0Wvgt+YjGmu9LuG44v2lKWqw0oxsnnhElcmMyuimrWiWH0FsflJQIDAQABo4IB
bzCCAWswCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZ3aK5+DrQI6Jqd/Rr85dJ25MefzCB
2wYDVR0jBIHTMIHQgBRdoFd3+cnN3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMT
CkhPTUUtQ0tVQlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEW
EHN1cHBvcnRAb29wZW4uZGWCCQCSRcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcD
AjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkwB4IFY2hyaXMwDQYJKoZIhvcNAQELBQAD
ggIBAKh8doaLAtydm7PEcC7QAP5Uc3TNqCpfNCDApfjLpl7rdKrgAnmeV9kQ3IVq
AAeyl2vuctEbcsX8/oNYEJFuUIwNf4mFDdp1Ifq8/ieCw2KLDU3zYH8sKQDTZHwT
w6xuXocuVQ5mcwwjP7ERmYXUnnnHAOgSvjgXBBtNV8tAYGCLDkjGvcUZ0oNVBgAx
Xoewhmd+1Oozr9I0YH1EhEDECVTbivb0So+2ZbEjmOXhSlJdgdi2MO96dsEOuMjH
KMVTqBhMNtBOHXtDbfZC2NwzO5RcAV9FeWkHj6oaWIEl7RTiw52gMTygbx6ezZT/
2fKq7TrY8fuRWLmQ77+TwIkT2oyr7DjJ9s+kY3AU7XKAZHTUbhGlqKsWUiV/3+5f
S1v/4hjtuAA3JPOToBcEn9YAR2djavYIRM82YbRByHvrJZkCEnfOs57Wv5XZGKLK
J4ph1ikT+lLBVczZVB14Elz6Vz0/CHlT2Q6/MtENpLyJop6uVCTmpIiKcfF+kuR3
/f8pdXOzGc1nOwT3g75A+D70nWaXULZUBlRKJ3FZCo+Ecx73YRhU82frDL9+jYiw
ui8IfDjmAQIqFivcHYLizZtpJhrqa7oG7MY80lfsHTPnUU/jkdRBYBzGk3yrFXpE
KN1k61XVk3Iv9lDA/Oa9/Q85eSmj8a49ZQ+GLsTaOx7eBi8j
-----END CERTIFICATE-----

29
CKUBU/openvpn/home-ckubu/keys/chris.csr Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE REQUEST-----
MIIE8jCCAtoCAQAwgawxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr
IFNlcnZpY2VzMRkwFwYDVQQDExBIT01FLUNLVUJVLWNocmlzMRMwEQYDVQQpEwpI
T01FLUNLVUJVMR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0QG9vcGVuLmRlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwOQ6xsSjqyA5BumzeNZIYpE51RFp
oN+ahQNTpG3s1YPHtLboQIQ6oboFlG2yiQI/yiMEEtc//MjX5G+RijRCWAp1L7r5
8XPwCidXOQ64o3kZuTx8l7O7J0RZvhDgeRvnM3LeSRH01JFbH7UmW6C4UPhhEjQe
AyY+3GV+RG9wkEJutGuHATMxGq/Vuy8lgUBB3LmN6COrP0fYO9kBiWjUFiZJQU+E
znJ89577Of0mL78VbMpKgw/IovUs6gN87rwaE1BxWsO2H6AZHJUOc4ldIjWFF2/d
+wwK2754TWw8W/RIwQpicWfFIa8lSMi50r7S4Gq9yP3hxXiRIccHYZjbmEdbSyo5
FSxW+q01mYos0VElJ4nTR127tSvxWzrLq3d2USzLbWTU3NZDXV8tyQ1E6Mva2TlK
aEW32NVJwjTdrVjQflOsGIAFJ1dW2YVp1HV9bLT/eht5CI339S733IXnr4GiwzRQ
wLYEcGI2sD/7l3cm5kACDulEK4y3wNvefLBhClqwdT4MvJJr1xN8RmozQ0z91DRS
CbHOv5xOw2gPFU7lVtMqYDUsErryOByZ28VfWAwqM6IzlYzeCAsqg7QWmym7megt
pb6zLCjK71E5HVXouWCRCxx+n6k9Fr4LfmIxprvS7huOL9pSlqsNKMbJ54RJXJjM
ropq1olh9BbH5SUCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQChm1NZmMoGNRdv
pAjF02f0/1QDOoxmnNC8IcQ+LXQSEwdxz9R2IdNPpqMYHw4iKv8AcnbQCqXyqqye
Ec8TEPHxtrEm7fIsoTKG9SNL6/QzAIM795ZBGi9J5nw+smwaKsUqiOwT2RjUWTnU
1oXEbxYsOvtD4UYYY4OUm6sH2yL/1Ki3Xqz8AqexVfW2seq3oTwOlTPxHynFLid2
yMARkcMnakTlW63p6bNEUUhdDmZD1IWcpd08lUF0iovFNh3Z2OowSrE5QBD4UbzH
DUQJ9VuyWHcyhETHQOpZSM3o6Jb3AMuPreyc9+NnGeQwtQpOe6sKg48hf6reB+H4
BSDoWRevH8qRZPRkY8uE2FlXK+jUTboB1GMp3LRu9sVZLsbGETueP/1knv2uzWI7
f1IabglUo1gPSyh5wXMwHGfEhP92omNC0ujsiGedp/xmUDvVjIgK28jZSDvzDO89
rqr+wEaiRyWWxoUVA8KXncmHp8FSIV8EX71hCzGeukXpXgedWssA6jgAEDos99Vf
JQpZGKtB0KnEfkddmNWMT0VQ0jO9OyqxJ5+OXG2/pHdTRQCFfYSnOA6iXUySliI6
EtiYHTJAG//mIqM7tCIHvWidzNarnsmQxDYg1ul36tuUHMNDA5Pw0WnYdieXE0wF
f7BXlUhKTv1L90VkEkvEYc/U7QAkyA==
-----END CERTIFICATE REQUEST-----

54
CKUBU/openvpn/home-ckubu/keys/chris.key Normal file
View File

@ -0,0 +1,54 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,A8DCE11902B81F52
YoUKcSwJtgulV5k8iXSNF/U2joi5fD9mOXOy5qQWkn20s3uAnapYL05jv7x5WZnB
r9Q37oFVgB5bu0THLqa64fORUOOmin/PhepgBkV1BWmx75Y1FdHaylnBqqudlhn+
Ae/pXlhWET1aWXvdKPGMhFJ+RKevHEoThGMxHC/Hj3a0Rl+AzrPbl6YROZ1eM2cB
Kd3nWrdrGhcUyDUn8cg9n1pDnouEGm/krbn1zjQsISlYmxDMoHBHAj+bAFJKTtkt
NiidhN2lNbw9WfEOm5MZCaM0c1GrK1Uw9AhpkZcvKhVx6yZNa52c53a/xxzoPcq8
kA+4n73NoyJzmi+q8egPKCBt2lXyHPDkfsrns3ljJPG7DMPfSazKH6KG4B/ONS9b
wxzNCuyFyWfJdbDpN02FXZHeyg7CGPU4kpSgy0XwFakjQ6+a5hbRLIVkDb8PCvIA
ayLSOvB9WgQzBQjnXyiujTMDz4FzLOVzGJUGKvgkNqv7oxHbCjNTynS+VIWw8wAk
nLcV7F8GTGU76h/TG9IOsVaq1eQIpXq01NvMwZAezh24QfM1VZwuB1vgcAren0P6
78pOKpuPtzEJWJy3zwbSGHtRetB+E7riU6eJHzFsZtJExxn2Rd3ATpIb7MtG9b0v
MKzqPhWHzEQz/psMrZaQ3ONsmi0Ti8Yjn/lvV5B/whwBEeJ101ju/ZXvPyqINzQH
5E1/Flwrr2hXkEchaGJoREN26tWUu5x5E7KWu37wzbb6533veoVFmoLm0+NdHDM6
+LOlq6xSy5vDH1qNaSPf7mtfBJVx/2f5I6IIGfPJ8wNWQsb7ij/vXpJIGaS3lee1
1ZMnIiFQAGs5rQh+XqWRLFL2Z5Omf8SeE4Zr3Pd5Ax9+8UjpNgMPlNCZ66yyOzO7
lwSQWbEVx8HG9Eg1hFOIgZhVbDmaukHLJcVaT0A0WR2/19iu3zZZ0VgJcz4i+Qp4
RlznHpOJQ6FvpydxW93BkRpikMfpRL8PdPKswbIbTAkwTCV7EIceSnH2NL+EFsLQ
/muGyx4IhpFsJB4gE0TR0t/U4FdBijILd3wZnFBxPfhofc393P2OfeRLk4tvaeae
Eqwzkcdcm5zG0dbxFUTXe7pQB54hRvJ/4XFMhTwQBjZDKr0RH0mNEgomqU8s8Lfm
qaMY3OGuYAMpTE3t+NIBdge8SoSSxxl/kR+2V2h04zjZ9uYss4b5Bj127tGbbSS8
nH4cDwysTTtcACuh8FLByoFio9Rnt73uckhflskaLvwZE/8A0uhD01F+chatvSAJ
Aix9oQwDtiyHF2t8C3eouOWl7Is+BDlh2iWYEaNPgFpXwR5eRqUpkDCDFurecT3t
ru7i47QftimArrx//dWdNZDDXC2vY32zr4e3wLoEkuFZb/uiXA067AVvCKTuN6H4
M00kzpAfyawLaLFsPFxi/hISWq96OzmguivsDsoraIl8Uz1xkL4/zhHdJDToHV4E
wTrQlvoA4zWDa3DNbwRH9vna/zY8owktR9nDb50xlmmzXT8ucAFN8BNLCeQMir4u
2HjGic2gBFrnOgafVXsnJam+a0ce2mPSRQ1hLNxquDdB3gT1Woiczhl1HBRX9U7K
BpOJeVWF9kLBhbTTWqXQMnZNOnh0iEmjtDg22dg0hsHsoo8z0ngUGGrDofPRQ9Xy
Aw/GmAwF7pmwSfIWiCndFMFeCN418nugtX2QavkIkm8OFm522RRwUCX5lKdZAlzG
nX947m997mZMtdilpcl/F03N6/gKu1S1Wrmug8sPD6R9mugzcNQDFRsS+8dcwmwf
+zYInaSO6tmI7+GqlaIORXB9vNawy9vElGOqx69No4vjHP1x9+6xEtJk4O6aRDtl
Ju7/NlDildpIhjIvnJe/eKEBDfyyGDlHyVAEqnf7Yzz92j+3ZugIz/zd4iTdGzfg
tsQx0x2i/WsDw11/cefPXth07kJVfgM3jdgk2d0Yd0LpWWjxUZp5H4zJ5FZ5yl6s
GFLYCK6Fj1QsWXd4qQjH7092ka5GKvYLcR4DxCocJ6tS1UE0MReI1YaJ8GU3dwaY
91+Q2j3+lPY3PKH8/MjL8ZZJoIjlyvXwYff1quObbUYIYbtuhJ3c1PYeigt/G5Du
nb4qJuZ6ue2OEfuvRnXgH4aNgZEfrVuYydDBxM55HpaxZBjC0ipqGYnC2X9rU7JI
dD+r0ymGoIt91ZhgnahhIx4zzrJ5i7BNujMYal9AEkPXV+VkY/iNJJKjIzFEc9J0
GX9ELhXHzed3xxy3goTqJPgY0u/jBsUca3l2AI9H8qjeAltbiRP+TdyafhCr/RX1
f2t+KLLvK7F2Ls4VcRPIpuEWrnbvJbh3ot5anzzR20ifFy2fIXyI/Sy/DPAy3hgD
adNfY29lyY8dLv/CTXju9AHEX/Z/IvEBBZkAUUIJ8v2wIR2HMOi/kCsEl3HnK/Sq
aKHenYE5QqME+Y6b8t+w3vhNT7HAcaH/sjrDn08Wls/XqTDEEr+fFV8i/Z0bFQjs
27pbdDrYCmQjGizP2INARVIBYeCk/LQ8kSgIy2pI6uzqdXiHjeeSLtLxl7fmLw3j
VNzCP0uY407/N6WTOYEvg/SHAYQZNA3zSA/xsNihRGGDvj75a0WI1p+QDMUUGiYJ
xdDU4lM+L6YP2yZ75XBUNhwHHX6C1vfQC/BvnszRSdnEZeq+bOwAkBDC31eH6y4J
tbqxOXB71x6Ljcwp3BnpKbnXt9VzLM+O96sSc4wOfJl7AeHWD6eEKJNT1mfjWfN3
jB68ezZhQpth7RilxtECMz4pcigGsljHkIfd9nweahAwq2RNwhz5cafpQqDeJV+c
0o05tSNvR8snLX+fbnBTxHl4025lTmJNh9Hv4DY3UnAVL/e/wkmupb6gYA+N3s03
ZJhhG0YBUviuuH6DrRdxTrHjnVveJHSuHhUHrgM3PeX8cspBBYbX77d52jqDS3HJ
UD6eCrIbxyDsKDFS1DEby2KZYM5CBmI4AzUW4nKBuRPZ0uFiM7b/KXptQvC/sUWE
6DgVcIz2ExivDyiHo5XSWsssRRI+vXtJ/GSghWTZuN6WI3whZtnYQyS0L+tZCRdi
GHaFz1YOvzTJZoWHZgXg0fe58Q7CLdco+66scYlHstj562mjsd7fPa59KaGKluvM
-----END RSA PRIVATE KEY-----

1
CKUBU/openvpn/home-ckubu/keys/crl.pem Symbolic link
View File

@ -0,0 +1 @@
../crl.pem

13
CKUBU/openvpn/home-ckubu/keys/dh4096.pem Normal file
View File

@ -0,0 +1,13 @@
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEAkb98/ZYPH87EHpUo6LatlbDgwe/tquFxg8EnrgAGaHrQMWDnSOvm
A1rXnnpql+avwnloGIqrQ+HjWMLq7KEBYc2W0KN37/qTQw0X7NPixQgDfaeainjQ
TpcAdjKcLCVeHd7J0aiKC/C1u1vRBCf14+wd0NZK7PXCRY8Ggft7hc0ya//riD+s
R4v1A1XXdMkns/YJMKzvvGEvV6IOlFuLUbbU6kYCUjVWDqsvNaRZpGuIiMis1e1l
PRtmIHGlhw/phKgK42ct5OIv2fjTkgg+u31ljptBBr6524HePx8ArifYySHIkk66
O6NeTQpX0VSqs4gpSgAQYAZS5M8DwMrMykmZml1PJkotevBP2YswNvTxwDRosaVu
1u0vJknjPyXnf+BvB9mbcZBVLqJ9YwdjxfVT5biIFVty7V5Oavxkn0zGdH+72eTT
t2FdyTx36Xwl/cRxeXENpVa4xsd7b1zxLLHP9gVHadrTsScplsiZcYZaxrMufuIp
r/I3W9FAgG8zxvnwNRPEjvqLEwuvgo0Ab3bQcl/Sz7Z36lo6TRS8y4V7uZdmdJ+w
92VxbVPFCb27veqrXooZJY5wVAkxdeG7NyS/MScC1JjpmqMK/fTcwfWzA0EH/k8Y
rEv324x/7ZK7gf9mNw21CcXHfBidZhyaU0imHQ5KhUOQS11xHQDqN4MCAQI=
-----END DH PARAMETERS-----

2
CKUBU/openvpn/home-ckubu/keys/index.txt Normal file
View File

@ -0,0 +1,2 @@
V 370809155041Z 01 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU-server/name=HOME-CKUBU/emailAddress=support@oopen.de
V 370809155325Z 02 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU-chris/name=HOME-CKUBU/emailAddress=support@oopen.de

1
CKUBU/openvpn/home-ckubu/keys/index.txt.attr Normal file
View File

@ -0,0 +1 @@
unique_subject = yes

1
CKUBU/openvpn/home-ckubu/keys/index.txt.attr.old Normal file
View File

@ -0,0 +1 @@
unique_subject = yes

1
CKUBU/openvpn/home-ckubu/keys/index.txt.old Normal file
View File

@ -0,0 +1 @@
V 370809155041Z 01 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU-server/name=HOME-CKUBU/emailAddress=support@oopen.de

1
CKUBU/openvpn/home-ckubu/keys/serial Normal file
View File

@ -0,0 +1 @@
03

1
CKUBU/openvpn/home-ckubu/keys/serial.old Normal file
View File

@ -0,0 +1 @@
02

142
CKUBU/openvpn/home-ckubu/keys/server.crt Normal file
View File

@ -0,0 +1,142 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
Validity
Not Before: Aug 9 15:50:41 2017 GMT
Not After : Aug 9 15:50:41 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=HOME-CKUBU-server/name=HOME-CKUBU/emailAddress=support@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:d5:6c:90:c5:16:11:24:57:61:7d:60:5f:48:f6:
05:a7:41:e4:09:74:39:63:d5:2b:5e:44:74:20:e1:
ec:d0:57:6d:1e:eb:e5:d0:77:c3:aa:52:c5:00:6e:
de:69:7d:af:43:d2:c8:d7:fe:6c:38:a6:76:f5:8e:
8e:70:e9:63:b6:58:71:9a:2f:95:fc:1b:65:73:29:
47:b4:82:90:25:52:34:59:f9:b9:9b:1d:f5:e8:f7:
18:a1:08:86:8a:c9:65:15:ae:05:09:c6:cb:8c:eb:
e4:cc:01:d6:a1:82:54:58:d1:5e:75:cc:f0:7b:fe:
f7:04:92:72:62:0d:b7:7f:fd:b4:8b:f8:8e:08:ac:
57:da:6c:ab:e1:0d:73:a5:62:55:f6:98:89:a5:9f:
19:4f:6e:b5:17:03:7d:e7:78:b0:15:29:15:af:7d:
f7:57:00:ef:10:4a:15:7d:fc:8e:b8:4c:da:04:67:
12:6f:71:1f:99:c0:36:e5:cf:37:35:3d:ec:b1:08:
3f:32:c5:51:53:9c:61:02:cf:da:03:56:bc:76:0c:
c5:94:94:f4:bf:12:8e:5c:65:1f:3f:0b:8d:20:20:
ee:12:d4:63:6c:94:b6:d2:00:f1:8f:53:6f:db:fc:
71:d6:56:1d:27:ad:fc:cf:55:b1:d7:fa:68:4d:e6:
b1:91:8f:2d:d4:8b:f6:20:26:f1:d7:e5:99:a0:e3:
42:53:21:ca:f9:63:28:6b:e4:24:7f:ca:5d:33:03:
53:8a:71:94:e6:4b:dc:70:79:2f:1e:fd:80:ad:4e:
20:6a:52:ec:2d:7a:ca:04:44:62:cf:6e:b0:47:7f:
5d:d4:39:c3:3b:a6:c2:8e:31:1e:6b:f1:72:89:ce:
e6:d5:61:de:cd:bd:30:2b:2c:fe:db:07:8d:f5:2f:
1c:eb:13:47:f1:ba:3a:bc:16:59:2b:cc:f0:0d:90:
8e:63:cc:67:86:1f:13:94:87:97:11:c3:f5:44:85:
dc:c0:e3:14:b1:df:d3:0b:a5:77:34:45:c6:25:9a:
8f:f9:f3:5b:c5:c6:83:f2:ed:7c:35:f9:15:2e:5f:
72:17:0e:fa:3b:7e:31:2a:76:28:d9:2f:7d:28:98:
ee:f9:48:29:3e:dd:fb:99:d3:30:88:06:9a:b7:6a:
c7:37:a6:92:56:db:be:d1:64:de:6e:b6:15:20:f9:
56:59:a7:be:f0:a5:96:a4:e4:06:b1:3e:c1:df:11:
a9:88:c8:10:2d:5e:0e:53:08:29:0f:e5:a2:57:58:
bc:e9:bb:e1:64:71:50:35:5b:aa:b0:04:87:33:d4:
31:a6:da:3e:15:9f:d6:2c:c6:39:ac:f4:fe:e1:48:
81:a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
Easy-RSA Generated Server Certificate
X509v3 Subject Key Identifier:
E8:E1:ED:6A:13:1F:29:D0:15:EF:B3:C1:57:7D:2E:4C:49:E0:CB:FB
X509v3 Authority Key Identifier:
keyid:5D:A0:57:77:F9:C9:CD:DE:88:A9:BE:D0:FB:F0:FC:8A:19:B5:9D:F0
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=HOME-CKUBU/name=HOME-CKUBU/emailAddress=support@oopen.de
serial:92:45:C8:D4:6A:59:85:37
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Subject Alternative Name:
DNS:server
Signature Algorithm: sha256WithRSAEncryption
96:98:28:5d:5f:64:66:c6:43:92:11:90:81:6a:f3:da:30:ad:
f4:d9:3f:17:19:d1:98:4a:a0:78:d2:8a:1f:1f:9d:27:b8:b6:
44:bc:8d:a4:86:04:6a:a9:1a:a3:b8:00:f7:b7:19:be:06:65:
e1:20:be:d4:3e:79:9b:17:36:90:96:78:ac:8b:08:c9:e5:dc:
d6:68:7b:8b:67:88:42:d2:0b:24:96:5b:24:b4:ea:a5:10:be:
59:23:57:f7:ee:52:ce:2d:79:f0:9c:a6:e1:3a:de:fe:46:8b:
af:a1:80:2e:08:34:ab:59:55:02:22:39:63:6b:ff:4c:ca:fa:
ba:f8:43:86:a3:7c:95:bb:5e:e8:85:17:02:ce:4f:7a:17:c9:
71:0f:13:13:c7:5b:cf:22:92:6a:a4:7f:ae:67:b4:78:6e:6b:
1b:10:81:10:b7:a0:c4:c6:d2:3b:c2:b1:1e:3f:b1:0b:a0:fa:
8e:36:0b:55:8c:8a:b9:8e:fb:85:e5:48:b5:9f:00:c9:52:e3:
91:4c:e5:ba:05:03:55:4c:1c:d0:ea:c5:36:40:5b:36:b6:cc:
7e:b9:c1:57:12:9a:e6:7f:41:69:6f:7a:24:5c:b8:66:c0:b6:
91:09:50:bc:75:2a:eb:28:9b:0a:4e:cb:fc:47:65:f5:3d:75:
80:89:83:7e:50:95:fb:07:19:1a:e4:cd:fd:5e:ce:4b:89:4c:
24:0c:c9:be:67:03:9f:65:63:b2:3f:24:39:40:76:cb:6a:3b:
86:7c:7b:9a:b6:b1:fe:7c:51:5b:ec:91:ff:ad:ff:3c:9d:00:
70:3b:af:30:e3:78:56:55:a8:77:2d:95:f1:a0:fc:e1:2e:f3:
9b:b0:3c:bd:52:dc:1b:cd:99:83:37:bc:2d:03:e4:4a:ec:f0:
88:7c:48:33:2b:99:1e:78:bf:d0:30:4f:e2:0e:c7:04:13:52:
9d:cb:33:ee:b7:98:e0:8e:f2:64:20:64:71:d5:24:67:9c:a4:
52:e6:3a:de:bd:d1:1d:2b:d7:60:d7:3b:53:59:bf:33:60:47:
bd:26:9a:de:46:25:63:cf:77:f3:69:38:6d:d2:1c:37:a5:61:
6e:27:4e:52:6f:8b:11:4c:6c:ba:0e:b6:ad:c7:23:cf:0c:be:
c8:18:a9:7d:46:8c:6d:64:4e:d2:06:b0:9c:9c:6e:14:58:4a:
a5:32:36:a5:0c:58:94:d8:8f:d8:e7:5e:69:0b:3f:30:68:5e:
ea:b4:3f:7b:2a:20:7a:3b:b2:af:27:4f:3f:0d:fe:1a:5a:61:
ed:05:2d:6b:65:8e:bf:86:b0:1c:51:0a:14:35:e7:31:6e:c6:
fa:86:7c:d2:97:ae:73:e3
-----BEGIN CERTIFICATE-----
MIIHXDCCBUSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MDQxWhcNMzcwODA5MTU1MDQxWjCBrTELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGjAYBgNVBAMT
EUhPTUUtQ0tVQlUtc2VydmVyMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZI
hvcNAQkBFhBzdXBwb3J0QG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEA1WyQxRYRJFdhfWBfSPYFp0HkCXQ5Y9UrXkR0IOHs0FdtHuvl0HfD
qlLFAG7eaX2vQ9LI1/5sOKZ29Y6OcOljtlhxmi+V/BtlcylHtIKQJVI0Wfm5mx31
6PcYoQiGisllFa4FCcbLjOvkzAHWoYJUWNFedczwe/73BJJyYg23f/20i/iOCKxX
2myr4Q1zpWJV9piJpZ8ZT261FwN953iwFSkVr333VwDvEEoVffyOuEzaBGcSb3Ef
mcA25c83NT3ssQg/MsVRU5xhAs/aA1a8dgzFlJT0vxKOXGUfPwuNICDuEtRjbJS2
0gDxj1Nv2/xx1lYdJ638z1Wx1/poTeaxkY8t1Iv2ICbx1+WZoONCUyHK+WMoa+Qk
f8pdMwNTinGU5kvccHkvHv2ArU4galLsLXrKBERiz26wR39d1DnDO6bCjjEea/Fy
ic7m1WHezb0wKyz+2weN9S8c6xNH8bo6vBZZK8zwDZCOY8xnhh8TlIeXEcP1RIXc
wOMUsd/TC6V3NEXGJZqP+fNbxcaD8u18NfkVLl9yFw76O34xKnYo2S99KJju+Ugp
Pt37mdMwiAaat2rHN6aSVtu+0WTebrYVIPlWWae+8KWWpOQGsT7B3xGpiMgQLV4O
UwgpD+WiV1i86bvhZHFQNVuqsASHM9Qxpto+FZ/WLMY5rPT+4UiBpS0CAwEAAaOC
AYowggGGMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDQGCWCGSAGG+EIB
DQQnFiVFYXN5LVJTQSBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1Ud
DgQWBBTo4e1qEx8p0BXvs8FXfS5MSeDL+zCB2wYDVR0jBIHTMIHQgBRdoFd3+cnN
3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJl
cmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsT
EE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tVQlUxEzARBgNVBCkT
CkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAb29wZW4uZGWCCQCS
RcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwEQYDVR0R
BAowCIIGc2VydmVyMA0GCSqGSIb3DQEBCwUAA4ICAQCWmChdX2RmxkOSEZCBavPa
MK302T8XGdGYSqB40oofH50nuLZEvI2khgRqqRqjuAD3txm+BmXhIL7UPnmbFzaQ
lnisiwjJ5dzWaHuLZ4hC0gskllsktOqlEL5ZI1f37lLOLXnwnKbhOt7+RouvoYAu
CDSrWVUCIjlja/9Myvq6+EOGo3yVu17ohRcCzk96F8lxDxMTx1vPIpJqpH+uZ7R4
bmsbEIEQt6DExtI7wrEeP7ELoPqONgtVjIq5jvuF5Ui1nwDJUuORTOW6BQNVTBzQ
6sU2QFs2tsx+ucFXEprmf0Fpb3okXLhmwLaRCVC8dSrrKJsKTsv8R2X1PXWAiYN+
UJX7Bxka5M39Xs5LiUwkDMm+ZwOfZWOyPyQ5QHbLajuGfHuatrH+fFFb7JH/rf88
nQBwO68w43hWVah3LZXxoPzhLvObsDy9UtwbzZmDN7wtA+RK7PCIfEgzK5keeL/Q
ME/iDscEE1KdyzPut5jgjvJkIGRx1SRnnKRS5jrevdEdK9dg1ztTWb8zYEe9Jpre
RiVjz3fzaTht0hw3pWFuJ05Sb4sRTGy6DratxyPPDL7IGKl9RoxtZE7SBrCcnG4U
WEqlMjalDFiU2I/Y515pCz8waF7qtD97KiB6O7KvJ08/Df4aWmHtBS1rZY6/hrAc
UQoUNecxbsb6hnzSl65z4w==
-----END CERTIFICATE-----

29
CKUBU/openvpn/home-ckubu/keys/server.csr Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE REQUEST-----
MIIE8zCCAtsCAQAwga0xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr
IFNlcnZpY2VzMRowGAYDVQQDExFIT01FLUNLVUJVLXNlcnZlcjETMBEGA1UEKRMK
SE9NRS1DS1VCVTEfMB0GCSqGSIb3DQEJARYQc3VwcG9ydEBvb3Blbi5kZTCCAiIw
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANVskMUWESRXYX1gX0j2BadB5Al0
OWPVK15EdCDh7NBXbR7r5dB3w6pSxQBu3ml9r0PSyNf+bDimdvWOjnDpY7ZYcZov
lfwbZXMpR7SCkCVSNFn5uZsd9ej3GKEIhorJZRWuBQnGy4zr5MwB1qGCVFjRXnXM
8Hv+9wSScmINt3/9tIv4jgisV9psq+ENc6ViVfaYiaWfGU9utRcDfed4sBUpFa99
91cA7xBKFX38jrhM2gRnEm9xH5nANuXPNzU97LEIPzLFUVOcYQLP2gNWvHYMxZSU
9L8SjlxlHz8LjSAg7hLUY2yUttIA8Y9Tb9v8cdZWHSet/M9Vsdf6aE3msZGPLdSL
9iAm8dflmaDjQlMhyvljKGvkJH/KXTMDU4pxlOZL3HB5Lx79gK1OIGpS7C16ygRE
Ys9usEd/XdQ5wzumwo4xHmvxconO5tVh3s29MCss/tsHjfUvHOsTR/G6OrwWWSvM
8A2QjmPMZ4YfE5SHlxHD9USF3MDjFLHf0wuldzRFxiWaj/nzW8XGg/LtfDX5FS5f
chcO+jt+MSp2KNkvfSiY7vlIKT7d+5nTMIgGmrdqxzemklbbvtFk3m62FSD5Vlmn
vvCllqTkBrE+wd8RqYjIEC1eDlMIKQ/loldYvOm74WRxUDVbqrAEhzPUMabaPhWf
1izGOaz0/uFIgaUtAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAgEAxgJAZXxkyl1N
pPVZ3LvUDGkJs2RqrjMPKicfHfCNACSNWPgg/n9AanG2GL8HoVS35uYfPRVQFrd3
eDfP1ef0pk52tnbez9/eCEet9ccF0pV+qgiS5XdsZIOhDKoIm3kpsw7v7emnzsRz
kwMIpwZ5lhutyJRIO4Erx02d9s+pPSpg/NtB84NYW1hMyMsrycIN8xIzrpAwTkd/
JGh4zw1D2DYlPZFYppjgcSUvATG4IK8X4JP2FtYwnz4402GjFEsajcvo2MtwYPaW
t4jhW2+1vxu/b+KcXrmQxbfSuw51pXw5dPEO6Mpp8acyMOxLqcfW2vokJACRGBvH
AJprrMdBa4joVLiLs3Ml1tHiyf5x/PvqHilnQoUA+1UyoQEXIJist9bYX6rJWFJ9
I00E+sjQXiyqASh3kiFeOMbNvSgS4PL4W6nHwFiqAaeB1UFro8lsfqg4op+vG+Ty
MmYzvdGaDGwqNy4hDq18AVuqvTfiIB3Nza8HWbsXzZSuLkoyTjvNjR5EKvyH0Qh/
bLadRrU5zIMTc1mtGnkGcGx71omxIngloJ3WhR7/AO2tvzNT5r5iy6meLxuDxS2v
LbiG1I5F/fXkkkBDHCGHd6TJ8LbZ3GTnEhjqsI1Yzpsyp25XAau+H6ci4R86Uz1F
kbOwozXSE3vPnoEBZtI4z6TDZ8GH3d0=
-----END CERTIFICATE REQUEST-----

52
CKUBU/openvpn/home-ckubu/keys/server.key Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDVbJDFFhEkV2F9
YF9I9gWnQeQJdDlj1SteRHQg4ezQV20e6+XQd8OqUsUAbt5pfa9D0sjX/mw4pnb1
jo5w6WO2WHGaL5X8G2VzKUe0gpAlUjRZ+bmbHfXo9xihCIaKyWUVrgUJxsuM6+TM
AdahglRY0V51zPB7/vcEknJiDbd//bSL+I4IrFfabKvhDXOlYlX2mImlnxlPbrUX
A33neLAVKRWvffdXAO8QShV9/I64TNoEZxJvcR+ZwDblzzc1PeyxCD8yxVFTnGEC
z9oDVrx2DMWUlPS/Eo5cZR8/C40gIO4S1GNslLbSAPGPU2/b/HHWVh0nrfzPVbHX
+mhN5rGRjy3Ui/YgJvHX5Zmg40JTIcr5Yyhr5CR/yl0zA1OKcZTmS9xweS8e/YCt
TiBqUuwtesoERGLPbrBHf13UOcM7psKOMR5r8XKJzubVYd7NvTArLP7bB431Lxzr
E0fxujq8FlkrzPANkI5jzGeGHxOUh5cRw/VEhdzA4xSx39MLpXc0RcYlmo/581vF
xoPy7Xw1+RUuX3IXDvo7fjEqdijZL30omO75SCk+3fuZ0zCIBpq3asc3ppJW277R
ZN5uthUg+VZZp77wpZak5AaxPsHfEamIyBAtXg5TCCkP5aJXWLzpu+FkcVA1W6qw
BIcz1DGm2j4Vn9Ysxjms9P7hSIGlLQIDAQABAoICADBGZliuLSJzQXICoor2W0EB
/nrE91ZFmZGxGjN15wMZQ22DHnCRJokYP8dhTJ2/+Cz3OMbincgSn0XcAQw5Pny4
dLnTmbF04PWzmKyT+9b1STIw8nLLzBvuCHwkWYp7E4pb2nfjp5cwpIggwlO2Dy4n
7Z3nxV3GxkkadxUG1UL2OCiRCE+d7CFUA2zchhQasicdScVUv3zgJcYW3BvHiMzA
hk8zxwa/B1Q/7ayZvA6kE4x7ZAghJmy4tbI1tN8uKqPAocryJvsqnCburPmkXOy2
5to89z9hCyKLHQ49pqZlzHQl5ndhDBlkbT9mOB8icv1wbRfUmyKq15dq5Lz6OZ+x
YuxSE+ihV6t+A1RoZcVHlhxwQJrjF9UE0ZM1x+Nhw1KfeLVO7WexztZiHr5RKZkE
uELCtq7C9AqNKL7Rk4EvvT5JWTPfhtQjd2Z34DZ3QXc2KVcpddKQ2zB+7siIK1lu
bpSo58vk6i+HFYjvZtIpyeHTxMKDoL8pqWyKi44p+U5bE0K7mXI/L+YO6Y6EopXB
x+YVwxRkd2lErYCEjNFy/2vz8Djj/KSH5Wwu0bMwvtK66dB4kkmqxoC/ris+18t5
wQzxOu/VpFrGnooP8bpEXj29/cj0gJZy/s5nDoLS0mEkbqMaMSYihy7DsZAJoRQc
qW9/vgb578ALGEw4nohhAoIBAQDwHdDnC5xCGUZDxjZVj/cGa9apbPERTqRRbueL
hEglpbL+dCiJFmkLy7pXzDNnMOc9wR75zJb0v+uuAYsRGYOjk9THSUz7sj7S2LTR
NINrS0WOgVc9MUjo9Dk681LxAmKVBNA9BTsqK5McN1ZU/dmW3GLOmWpC5IDtS5+r
hprx/s20pgO+ait/EYfOUPEcDcC4vp4dJUhSFQMXQJqu9azLNnaE1NcZv9mkuUjV
cRp+A6QinvNgNon3dHT0ZgQeDQsRzJy/odwR3N+dM1ivizPOve3ljJuYt7GB3hYl
9V8uJf7Lg4jC7xGF8AZlYAI/zkx5goeojUEAH1x7vfZ03mZrAoIBAQDjirwhzbt6
vP4fkQ9yBzoHR9swmJxUyqo1iSpSdFVVWer/2GE59lWGqZ37E2mgBkEn4ALOFbYr
JHxmyVvoYY31Hi4KPQ+cu6unKtR0XcgMrhN+JxOPj3G4LNDko4QAjZAu/URccmgT
8OY36BHc4MpD1AqYZ8N1nbXm/idF+w4Z/XAGHUTVKvSS7Fg9SHckcXTC7znz8kd+
G43ZWkxSyCNqM6YARh8Rt9uuhLK7MaWU/T/gL86GsN1iAgumgeYEbiQ+6Vz8+hvj
pQpNbywZlClKgpI/BDWVGIx2lzZvdhbzpwNpq4JH7wTTJonvRuecqHgevLng8lIC
OM/w46zHkhjHAoIBAQCrt2byFGeHDbQmO9YXkoFCYlR9jZ9IlUkFw55rNAq0ga9k
MYXbo98zxFpa93m7TknQ7A9O7XT3S1ksc4YUkH6HuOzuKAmZ5nrvJnMJOdjSHl57
7xuIc3qEvkM/WUvzd5UwpOSW/uq02by27Qwcc/3r2Wf//87yT5+0E+T4MacVcPeD
PUZoIl1A3jSU42XKfjtY41kH1uXFbalsM5Nrk94i5awUinHZxE3Nc4QWwHAFtmzn
JW0/XUGFag9JyLshEorcC8v9b6+GRsLUFShTQeWm8ET1aHzN1nBnQ3/rXXLX+ewh
dsuTPIz3kBPC48o3/zzJmQOTEpFtmP/2rn9WTMZJAoIBAQCnQwFeW+wXojuvmqNe
798BIRoH0/b/AWczKVwZ9ngP4KQ1Y6q8v85IygBeYvu+7ToSBMIrGZyqhAyKRjQw
Ux3V9FRlpFMIpI/et0YrMBDw+TlM/46Kdihi+Vao62YKPgWh9Py+dD77gZbJu+b9
laQ5TfJn68are74OSf82mwDXrAwgAn3psMTOB7wpeE5UVK4+6TmRkCRrl/eisZTv
OT2HQOYix2jpTlzHIbZ8klckeTDuLFZFfleORvCnek9KLGiqckKvl27O3TAAkds6
BkaABhFZD1AQBFakii0yq/zdKIUCtVd0Z0gFqwuz/0wcRV7fQV3l9FrCVV7NtZ75
qPRbAoIBAQCNxAjGgT+wuY6uEupTXdjXqP6LED1jTOwXV6fZ7/5svlZ/MTxR1LLQ
2mYnRg2YQgyT5lG1Sfq97dwZeNPgKbWyXJUyKhDQUSHYeqx0hPOVLXifHJaXLKkg
90e3DTa4Sapv4c/mOYgiOle306lUe4lLNzXBIWSnoYkoPWV41tWX+iFCBWusvpHF
YLCzoqycN/QUF6XzUpJQrU8J3xS7tV0JmVqSGvWVinCOHT3bjApusqnXrfCTgPY0
NkT2EWkO38eBb5KORyhkk93LMjzapUFn+AJqkreR6sJWJ5P3VWxtF7+/4Na2usbV
n0I7baBebvqXlKuMu8VxLiK9OPmW9eGV
-----END PRIVATE KEY-----

21
CKUBU/openvpn/home-ckubu/keys/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
1c8b2c0960c29ba0f8b85d20cf7654a3
2429c0a7e6c898f834473377846b349b
e5070fadf83aa6f2143ddedd5fed69b8
6b4303181d4cf8b130777033982585fa
24796676d2c096db93d8ec0bf221a33f
974c554b7173faaa46badec409713525
927fdabb473a3e24d309983c858b1b7c
7ea88198f4f01d1a5c2fb6920a1dcd4b
d1a3918e736899803896aa1d43ad131d
996e9f78bcc1faccb83276e65ca43626
c4b0de36dfaff3be40276a0126d15690
bf7c3baca7d51d4ed78efb8248d6e3c1
43fb2424ed1b31e7a2cb14506a3d5fd2
3f3f58ee93eb615044fb6d0d345095c8
c0c5551065d416d1b6781d8436f8afb9
2f34aef585ba7ec0a977386b3a3b9c0d
-----END OpenVPN Static key V1-----