Changes

From SME Server
Jump to navigationJump to search
14 bytes added ,  13:12, 21 March 2009
Line 73: Line 73:  
**Organization, Department, Locality, State and Country fields should have the values you entered when you have created your PKI. You can let those values.
 
**Organization, Department, Locality, State and Country fields should have the values you entered when you have created your PKI. You can let those values.
 
**Password: '''This field must be blank'''. Remember that OpenVPN daemon starts without human intervention when the server boots, so it need to have access to the certificate key without being prompted for a password.
 
**Password: '''This field must be blank'''. Remember that OpenVPN daemon starts without human intervention when the server boots, so it need to have access to the certificate key without being prompted for a password.
{{Note box|Not filling in a password is NOT possible for all fields are mandatory and entering no password will lead to an error. What to do?}}
+
{{Note box|Not filling in a password is NOT possible for all certificate use. Only for VPN Server Only, VPN Client Only, VPN Client or Server and SSL Server}}
 
   
**Certificate life: How-long the certificate will be valid. Enter what you want, but remember, when the certificate expires, you'll have to create another one, and deploy it on each client.
 
**Certificate life: How-long the certificate will be valid. Enter what you want, but remember, when the certificate expires, you'll have to create another one, and deploy it on each client.
 
**Key size: you can enter what you want (I use 2048 in general). The bigger, the stronger, but will use a bit more CPU power when the session key is negotiated (at the connection, and once an hour)
 
**Key size: you can enter what you want (I use 2048 in general). The bigger, the stronger, but will use a bit more CPU power when the session key is negotiated (at the connection, and once an hour)

Navigation menu