[Openswan Users] Openswan on fc14 with nss and net-to-net

Alex mysqlstudent at gmail.com
Mon Jan 31 19:05:08 EST 2011


Hi,

>> Do you know where I can find instructions on how to start with
>> generating the CA, then the host keys, etc, in a way that's intended
>> for my configuration? (net-to-net)
>
> I think what you will find in README.nss will cover just about what you
> need in this case.  It has instructions on creating a CA and copying
> that between machines and generating the individual host keys and certs.

After reading through it, there are a few things that are unclear for me.

I'm trying to build a net-to-net vpn. Part of the directions involve
creating a user cert. What is the purpose for that?

In the "Migrating Certificates" section, it refers to "cert.pem" and
"key.pem". Is that referring to the host certificates?

Any reason the ca-cert-nickname and ca-cert-common-name can't be the
same? I was just using the hostname.

Thanks,
Alex


More information about the Users mailing list