Chapter 4.  PKI, Certificates, and OpenSSL

In this chapter, we will cover:

  • Certificate generation
  • OpenSSL tricks: x509, pkcs12, verify output
  • Revoking certificates
  • The use of CRLs
  • Checking expired/revoked certificates
  • Intermediary CAs
  • Multiple CAs: stacking, using the capath directive
  • Determining which crypto library is used
  • Crypto features of OpenSSL and PolarSSL
  • Pushing ciphers
  • Elliptic curve support

Introduction

This chapter is a small detour into the public key infrastructures (PKIs), certificates, and openssl commands. The primary purpose of the recipes in this chapter is to show how the certificates, which are used in OpenVPN, can be generated, managed, viewed, and what kind of interactions exist between OpenSSL and OpenVPN.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.221.173.72