Open-VPN Certificates (easy-rsa)

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

Moderator: Moderators

Post Reply
adriansiepka_pl
Posts: 2
Joined: Wed Jan 15, 2020 5:34 am

Open-VPN Certificates (easy-rsa)

Post by adriansiepka_pl »

Hello everyone,
I am very pleased to join the Gargoyle-OpenWRT user forum because i use this software long time.
I have small question with open-vpn cert. Where is config file responsible for generating cert keys.
In 'other linux system' i generate cert in 'easy rsa' by edit .vars config file. But where is this config file in Gargoyle ?
This is very important form me because use multiple connections and servers and this is make it easier for me to read the logs.

Thank everyone for help !

Lantis
Moderator
Posts: 6735
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Open-VPN Certificates (easy-rsa)

Post by Lantis »

Gargoyle makes a copy of the easyrsa files from /usr/lib/easy-rsa/ into RAM (/tmp) and generates the certificates there before copying the necessary info to /etc/openvpn, and then deleting the remaining files from the temporary storage.

This allows for fresh files every time, and faster generation as it runs in RAM.

I would recommend you do similar instead of directly modifying /usr/lib/easy-rsa/ to avoid interfering with the standard operation of Gargoyle, however it is up to you.
Gargoyle generates all of this using /usr/lib/gargoyle/openvpn.sh
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

adriansiepka_pl
Posts: 2
Joined: Wed Jan 15, 2020 5:34 am

Re: Open-VPN Certificates (easy-rsa)

Post by adriansiepka_pl »

Thanks Lantis for for your commitment.
Yes, ~/openvpn .sh is responsible for generating certificate and key parameters.
I used changes in this file and everything is ok.

Thank You!

Post Reply