{"id":472,"date":"2024-02-05T20:36:48","date_gmt":"2024-02-05T12:36:48","guid":{"rendered":"https:\/\/idc.birk.cn\/?p=472"},"modified":"2024-02-06T17:00:46","modified_gmt":"2024-02-06T09:00:46","slug":"linux-easy-rsa%e5%88%b6%e4%bd%9c%e8%af%81%e4%b9%a6%e5%ae%9e%e6%b5%8b%e6%9c%80%e7%ae%80%e6%ad%a5%e9%aa%a4","status":"publish","type":"post","link":"https:\/\/idc.birk.cn\/?p=472","title":{"rendered":"Linux easy-rsa\u5236\u4f5c\u8bc1\u4e66[\u5b9e\u6d4b\u6700\u7b80\u6b65\u9aa4]"},"content":{"rendered":"<p>1.\u4e0b\u8f7deasyrsa\uff1a<\/p>\n<p>wget https:\/\/github.com\/OpenVPN\/easy-rsa\/releases\/download\/v3.1.7\/EasyRSA-3.1.7.tgz<\/p>\n<p>2.\u89e3\u538beasyrsa\u5de5\u5177\u5305<\/p>\n<p>tar -zxvf\u00a0 EasyRSA-3.1.7.tgz<\/p>\n<p>3.\u62f7\u8d1deasyrsa\u5de5\u5177\u5305<\/p>\n<p>cp EasyRSA-3.1.7 AICOM<\/p>\n<p>\/\/\u4e00\u4e2a\u76ee\u5f55\u4ee3\u8868\u4e00\u4e2aCA\uff0c\u53ef\u81ea\u5b9a\u4e49\u76ee\u5f55\uff0c\u4e0d\u8981\u5728\u539f\u76ee\u5f55\u4e0a\u64cd\u4f5c\uff0c\u540e\u9762\u9700\u8981\u751f\u6210\u5176\u4ed6CA\u7684\u65f6\u5019\uff0c\u540c\u6837\u590d\u5236\uff0c\u7136\u540e\u5728\u590d\u5236\u7684\u76ee\u5f55\u4e0b\u64cd\u4f5c\u5373\u53ef<\/p>\n<p>4.\u5728AICOM\u76ee\u5f55\u4e2d\u751f\u6210vars\u6587\u4ef6<\/p>\n<p id=\"the-pasted-async\">cp -p vars.example vars<\/p>\n<p>5.\u5728vars\u7684\u672b\u5c3e\u589e\u52a0\u5982\u4e0b\u5185\u5bb9<\/p>\n<p>set_var EASYRSA_REQ_COUNTRY \"CN\"<br \/>\nset_var EASYRSA_REQ_PROVINCE \"Shanghai\"<br \/>\nset_var EASYRSA_REQ_CITY \"Shanghai\"<br \/>\nset_var EASYRSA_REQ_ORG \"UFO\"<br \/>\nset_var EASYRSA_REQ_EMAIL \"UFO@ufo.com.cn\"<br \/>\nset_var EASYRSA_REQ_OU \"UFO\"<br \/>\nset_var EASYRSA_NO_PASS 1<br \/>\nset_var EASYRSA_CA_EXPIRE 3650<br \/>\nset_var EASYRSA_CERT_EXPIRE 1825<\/p>\n<p>\u5176\u4e2dCA\u53ca\u8bc1\u4e66\u6709\u6548\u671f\u6bd4\u8f83\u91cd\u8981<\/p>\n<p>6.AICOM\u76ee\u5f55\u4e0b\u521d\u59cb\u5316\u8bc1\u4e66pki\u76ee\u5f55<\/p>\n<p>.\/easyrsa init-pki<\/p>\n<p>7.\u521b\u5efaCA<\/p>\n<p>.\/easyrsa build-ca<\/p>\n<p>8.\u751f\u6210\u670d\u52a1\u5668\u8bc1\u4e66\u3010server\u53ef\u4ee5\u6362\u6210server\u540d\u79f0\u3011<\/p>\n<p>.\/easyrsa build-server-full server<\/p>\n<p>9.\u751f\u6210 Diffie Hellman parameters \u3010\u975e\u5fc5\u8981\u6b65\u9aa4\uff0c\u4e0d\u9700\u8981\u5c31\u4e0d\u751f\u6210\u3011<\/p>\n<p>.\/easyrsa gen-dh<\/p>\n<p>10.\u751f\u6210\u5ba2\u6237\u7aef\u8bc1\u4e66\u3010client\u53ef\u4ee5\u6362\u6210\u5ba2\u6237\u7aef\u540d\u79f0\u3011<\/p>\n<p>.\/easyrsa build-client-full client<\/p>\n<p>\u751f\u6210\u597d\u7684\u8bc1\u4e66\u90fd\u5728AICOM\/pki\u76ee\u5f55\u4e0b\uff0c\u53ef\u4ee5\u770b\u5230CA\u3001server\u3001client\u8bc1\u4e66\uff0c\u590d\u5236\u5230\u5176\u4ed6\u5730\u65b9\u4f7f\u7528\u5373\u53ef<\/p>\n<p>\u4e0a\u8ff0\u6b65\u9aa4\u751f\u6210\u7684\u81ea\u7b7e\u540d\u8bc1\u4e66\u5df2\u7ecf\u8db3\u591f\u4f7f\u7528\uff0c\u4e0b\u9762\u662f\u4e00\u4e9b\u989d\u5916\u7684\u4f7f\u7528\u573a\u666f<\/p>\n<p>11.\u5bf9IP\u9881\u53d1\u81ea\u7b7e\u540dhttps\u8bc1\u4e66<\/p>\n<p>.\/easyrsa --subject-alt-name=\"IP:xx.xx.xx.xx\" build-server-full server nopass<\/p>\n<p>12.\u5bf9\u57df\u540d\u9881\u53d1\u81ea\u7b7e\u540d\u8bc1\u4e66\uff0c\u5e26*\u4e3a\u6cdb\u57df\u540d\u8bc1\u4e66\uff0c\u53ef\u81ea\u52a8\u5339\u914d<\/p>\n<p>.\/easyrsa --req-cn=\"*.aicom.com.cn\" build-server-full xxx.xxx.cn nopass<\/p>\n","protected":false},"excerpt":{"rendered":"<p>1.\u4e0b\u8f7deasyrsa\uff1a wget https:\/\/github.com\/OpenVPN\/easy-rsa\/releases\/download\/v3.1.7\/EasyRSA-3.1.7.tgz 2.\u89e3\u538beasyrsa\u5de5\u5177\u5305 tar -zxv [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":473,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,8],"tags":[],"topic":[37,39],"class_list":["post-472","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-8","topic-linux","topic-vpn"],"_links":{"self":[{"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/posts\/472","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=472"}],"version-history":[{"count":4,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/posts\/472\/revisions"}],"predecessor-version":[{"id":477,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/posts\/472\/revisions\/477"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=\/wp\/v2\/media\/473"}],"wp:attachment":[{"href":"https:\/\/idc.birk.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=472"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/idc.birk.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftopic&post=472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}