ca
This commit is contained in:
Vasco
@@ -13,3 +13,6 @@ yum install -y epel-release
|
|||||||
|
|
||||||
# --- interfaces ---
|
# --- interfaces ---
|
||||||
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
||||||
|
|
||||||
|
cp httpd.conf /etc/httpd/conf/
|
||||||
|
cp ssl.conf /etc/httpd/conf.d/
|
||||||
|
|||||||
@@ -13,3 +13,7 @@ yum install -y openssl
|
|||||||
|
|
||||||
# --- interfaces ---
|
# --- interfaces ---
|
||||||
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
||||||
|
|
||||||
|
# le openslll
|
||||||
|
|
||||||
|
cp openssl.cnf /etc/pki/tls/
|
||||||
|
|||||||
@@ -51,14 +51,20 @@ sudo iptables-save > /etc/sysconfig/iptables # :3
|
|||||||
# deviamos meter os comandos utlizados no relatorio
|
# deviamos meter os comandos utlizados no relatorio
|
||||||
# os ficheiros ja estao criados
|
# os ficheiros ja estao criados
|
||||||
|
|
||||||
ca ca.crt #
|
# Copiar o Self-signed Certificate Authority
|
||||||
cert gw-vpn.crt #
|
ca_dir="/etc/pki/CA"
|
||||||
key gw-vpn.key # ya
|
mkdir -p $ca_dir
|
||||||
|
mv ca.crt $ca_dir
|
||||||
|
|
||||||
|
# Criar vpn certificate
|
||||||
|
openssl ca -in ca.csr -cert ca.crt -keyfile ca.key -out vpn.crt
|
||||||
|
mv vpn.key $ca_dir
|
||||||
|
mv vpn.crt $ca_dir
|
||||||
|
|
||||||
cp vpn.conf /etc/openvpn/server/
|
|
||||||
|
|
||||||
# NOTA(vasco): o ficheiro conf vai ser vpn.conf pq isso é o nome do serviço
|
# NOTA(vasco): o ficheiro conf vai ser vpn.conf pq isso é o nome do serviço
|
||||||
|
|
||||||
# NOTA(vasco): talvez deviamos correr diretamente via o comando
|
# NOTA(vasco): talvez deviamos correr diretamente via o comando
|
||||||
# em vez de via serviços
|
# em vez de via serviços
|
||||||
|
sudo cp vpn.conf /etc/openvpn/server/
|
||||||
sudo systemctl enable --now openvpn-server@vpn.service
|
sudo systemctl enable --now openvpn-server@vpn.service
|
||||||
|
|||||||
21
ca.crt
Normal file
21
ca.crt
Normal file
@@ -0,0 +1,21 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDaTCCAlGgAwIBAgIUD2JnuJYQPRP/h3PPf1FsiNHLUekwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAPBgNVBAcMCENv
|
||||||
|
aW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAKBgNVBAMMA1ZQ
|
||||||
|
TjAeFw0yNjA0MjAxMTAzMDhaFw0yNzA0MjAxMTAzMDhaMF0xCzAJBgNVBAYTAlBU
|
||||||
|
MRAwDgYDVQQIDAdDb2ltYnJhMREwDwYDVQQHDAhDb2ltYnJhYTELMAkGA1UECgwC
|
||||||
|
VUMxDjAMBgNVBAsMBUZDVFVDMQwwCgYDVQQDDANWUE4wggEiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4IBDwAwggEKAoIBAQDaDICRTLW69RpumTHY6kBy6Ip4QPzoB+nCbvFEYtM2
|
||||||
|
mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0dBt+rC7IF3gKrLNTNCadjk7+zualG
|
||||||
|
6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9pPcBXsl8LlIodxVe8P2R02Tubgp/i
|
||||||
|
mKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJnNUM3oJF1do9JlnjNJZcI63nb+6K
|
||||||
|
bvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4kzKGPzdYO8orKKp8fbkrcwRO98gb
|
||||||
|
lib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJuLENM+a5AgMBAAGjITAfMB0GA1Ud
|
||||||
|
DgQWBBRbBGnllBjk6IPuPY16Xr+4surKuzANBgkqhkiG9w0BAQsFAAOCAQEAGP5/
|
||||||
|
rS39yY/rs3yc6KE0ag9gIN2YU34nTNps3MUlGJ5/E6mMBLdlNh5EKIn+Df81wNhG
|
||||||
|
qETLw/1VScZiZK6waH2svDPPKk76e/4oY6JF+xCnOayOIBwYgYvUqrG1I0KjTmEO
|
||||||
|
Qg0AlZg84pkyLRzd2vN/opzSz/r6hQJgQQ/kwbiJxX3dpwRwrees4OO18LN31l1Y
|
||||||
|
Gsna3u6IWLWouc4Q60i6AptW9pzCPI0op7UlZyqezLI/osG9jv4RSr8aq0reH0Zs
|
||||||
|
TWso/PMtltVgLuTLqE5oU+GW/3r0H2LA0q6qsLHCSbQRHcwNdU2UbuFzXKqn5vgv
|
||||||
|
5tjt5x4YgUgGSth7Qg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
17
ca.csr
Normal file
17
ca.csr
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICojCCAYoCAQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAP
|
||||||
|
BgNVBAcMCENvaW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAK
|
||||||
|
BgNVBAMMA1ZQTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoMgJFM
|
||||||
|
tbr1Gm6ZMdjqQHLoinhA/OgH6cJu8URi0zaZ2CafR7U8uDUXCiwvSHwHE7JYCkaV
|
||||||
|
upgpXR0G36sLsgXeAqss1M0Jp2OTv7O5qUbrC8QrUftG16jT9jkMXbj9X4aKERTO
|
||||||
|
S27wr2k9wFeyXwuUih3FV7w/ZHTZO5uCn+KYooe8RHrLsU9zRQ2SqpNZiGprwoum
|
||||||
|
42pm8Mmc1QzegkXV2j0mWeM0llwjredv7opu9mOP22pFt1uoTcDs1MODtqBO3b3x
|
||||||
|
QYRHs3iTMoY/N1g7yisoqnx9uStzBE73yBuWJviBUR2xjckEJAuzpC3Bb56HCFVU
|
||||||
|
iodAw4m4sQ0z5rkCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQARfdJpU+K1v7rR
|
||||||
|
IOPfHUq4BWApbhrv7bqwykK+YgyWzmEzNSp7jq91Wa4GnokbHruGsp+M0h3C/5fw
|
||||||
|
EhZakFDwykThVbxRk+iuPp7MpXPKMPGvFVzxIrD9xk7KSBUnhx0+dhwu5r0U+Uqh
|
||||||
|
A5HP44nUHjnIWQ+nah9IA4Z4ldks6bvl6rBrZf1znLLq/kZSb6bSsg9zLFJyJzeH
|
||||||
|
v5amC2OKPqREqeKzNQJhUNMAU360zDi8sf+dvDDtcwaevk71g/SEcZbJbw1KMR6g
|
||||||
|
orORkT5uSi97mTJ8+hZMw+0hNyqBG/Zflq6aMzm97RlBGHBhFL/5ITpYx+S7vcQC
|
||||||
|
EehlTcbM
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
||||||
28
ca.key
Normal file
28
ca.key
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaDICRTLW69Rpu
|
||||||
|
mTHY6kBy6Ip4QPzoB+nCbvFEYtM2mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0d
|
||||||
|
Bt+rC7IF3gKrLNTNCadjk7+zualG6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9p
|
||||||
|
PcBXsl8LlIodxVe8P2R02Tubgp/imKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJ
|
||||||
|
nNUM3oJF1do9JlnjNJZcI63nb+6KbvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4
|
||||||
|
kzKGPzdYO8orKKp8fbkrcwRO98gblib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJ
|
||||||
|
uLENM+a5AgMBAAECggEAAlGgopBGkfvg5DUg8onk4Hv121sd6BX2dSeCzWurdptl
|
||||||
|
UQgqW28Z/+be8t2YB3P3+wfEkzUs2Ej/U8t9YIdV2ooJV0/unZVufZNQ4MzMNAQp
|
||||||
|
pRRMsW+yo9mzjC4uxySlqeD+bG0ttZrdvgXRYvVeB/ne9qZWZ/rOGw/Y2mRlxiN8
|
||||||
|
9aotelpIFboy1CXyYBRlcVPgqDNCvbvFkJ+uAqWDjvKOzqML45qfhTiTCcPNwZ0v
|
||||||
|
lZhZtvhIen5hepOII2VSnNoVxdWSIy+p8//1LT5EvSaK7+vyGRS/dLyjAdMTmWUW
|
||||||
|
92NsuD0hOGZdejy0vzVxowcXEkZ3aDmqAxHZhIY90QKBgQD5ZPtgA2BCdSnnt4lk
|
||||||
|
nyH0SJqOmLs2NzgzP6jDgLbH5Xd8zQa0Jk41Axttj91d+l31SqKF30+lTfRU6RBq
|
||||||
|
p6E5kF8LNm0ZA2PgPvmq/a4eS2eEjGl39DHsVMzvCsiN5ic05SP1VKgxM5hD+1U0
|
||||||
|
KK8cGwABrc9OIh8sxDmwzdsbUQKBgQDf0vs+DGgLBHwAkenruUGAy/KqFk3wNKG8
|
||||||
|
lRzGgvqUqi+XqWLPS7u2FdstCnMTS1L4g/IKkgR15BCi3MkBh1JwQ8MWT/zE0nHQ
|
||||||
|
3oJHMhXXWLp3ft1PQ74BN2al0TNu/U2h7vrRhlVNg1iLcBfMI4yqqyjV8YEZEBaH
|
||||||
|
RhsDuNDq6QKBgQCyy/PwNNtpKeh+KLZGvlOwd/DetJ7bUqFnFIegigIAtAGDJtZc
|
||||||
|
h23gUbbzSIXzH1EHT5fPFHdcUtQNn/3WCRHsXBXXyxBSM30CQwPp0+9l5rdzbtsa
|
||||||
|
VacJAQ7ffcKlANEw+epas3PVumC6tFC0kUphgvXxPjP2lz30cUXO/PbN0QKBgEq5
|
||||||
|
rZexnKrQ/HVUQbypRO0zKfkPKUYgzD6hqdG8uNwZVXpU2uBKcIkCEwKeknzGkRTX
|
||||||
|
OF+/EC4rzkIRZCpWe3dvqBoy6jjr6YPKRcRvPEuBG//5Ivnrq+vMC0Eg7wMHHnwJ
|
||||||
|
xUNejewrBczHx6on1DbGngOPdYJglKTlCu/bLCTBAoGAKTHPH1YJPRbn7yEzpdjt
|
||||||
|
22aoxEjwSVIyQc49Q5Ophuvwit+7CeiJ2bRqHadRmJA65Z/4MJ4O3LupLa0BaGS0
|
||||||
|
+F1+sW5ap37qisJrHlSUfVN/IPhonmnULV9DEwj3ronYsmYHaY1TPI/tQaTLN1Q4
|
||||||
|
Kcr3D6K2flqH6rmEX3KKLMA=
|
||||||
|
-----END PRIVATE KEY-----
|
||||||
0
httpd.conf
Normal file
0
httpd.conf
Normal file
0
openssl.cnf
Normal file
0
openssl.cnf
Normal file
2
v3_ca.ext
Normal file
2
v3_ca.ext
Normal file
@@ -0,0 +1,2 @@
|
|||||||
|
keyUsage = cRLSign, digitalSignature, keyCertSign
|
||||||
|
basicConstraints=critical,CA:true,pathlen:0
|
||||||
4
vpn.conf
4
vpn.conf
@@ -3,7 +3,7 @@ port 1194
|
|||||||
proto udp
|
proto udp
|
||||||
dev tun
|
dev tun
|
||||||
ca ca.crt #
|
ca ca.crt #
|
||||||
cert gw-vpn.crt #
|
cert vpn.crt #
|
||||||
key gw-vpn.key # ya
|
key vpn.key # ya
|
||||||
dh dh2048.pem
|
dh dh2048.pem
|
||||||
server 10.60.0.0 255.255.255.0
|
server 10.60.0.0 255.255.255.0
|
||||||
|
|||||||
28
vpn.key
Normal file
28
vpn.key
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC47TvtHVNPSXnI
|
||||||
|
PIR1AEpFa7nR7EgwRAoA0eHsAd+4sKip8ay+6WmGc1W5A9egf6meizg2QCcLcwTm
|
||||||
|
7SS3ZTCYYtGP23OtQr8AZDpZeiRcxyjQUEjEPNhJWSr7RXnbHbgk2IQGtNhnBhys
|
||||||
|
LtupuYgOIBHmyIjzYpKA7sy/oRTXmvNwyk7vcLm6IbewnNap32swHrmzsSJzDrDV
|
||||||
|
kRMT2DQDBbYLJ5H+5gDfmJ5HAjOcMwE75GbwGeDKa1UT49aFp300Avnwr2ecqqMa
|
||||||
|
44RZ3sc10/8igNxsNZXQsuEvv4YxXDOZVikMPxAnt5t9wq7WPwLCh4G0NUUasTSG
|
||||||
|
URbJYTvTAgMBAAECggEAA8zlozZWkiBlmc6wlCz42cYLJWbF3Flm8Tm0UGLWI61c
|
||||||
|
Z1MET09sWpXVMv5YDerXDrSNZ66tfr09jQyzk/dG5o16rApWWBRb6NimdanzxFpY
|
||||||
|
GuEuKvuVyvrDo4f70fEhlH7vRlSsxn/oJ/ELP54vTxxWnIJjhMjyT3xY2y6mxyrV
|
||||||
|
mKfp2YVPyKCj5R01Fw4BfL9Xu4qn0ROCZuVYYgffLGFKEPJluTdxfQ4XFTgOdC4/
|
||||||
|
aemWIZQ9wGRoL0A3kCeNhwsPcWbtHSLE1/oR6E0TAMlMvNWRkrvxx9CmGRCtePiH
|
||||||
|
a2Yi9qjX42G/77ueL6N52fkK/GUB1F827rZ6xgiiVQKBgQDcZr23Gvyhxm2vLKhB
|
||||||
|
/tsOBiM1lbSMp38RxsLKOoSzFbQMZKjDWNL1GIF2n5r/VQh79N0fV4QUEq4bhtTo
|
||||||
|
WF/cD11xsjSkq66CAvmzgu4En0Ef0FXfZib19HRSAWKznhXgnnYiyirsBibOj3b+
|
||||||
|
kNgVCftedLvuEZEQ1ZPiZJTQxwKBgQDWy6u/oawz983pMx9G+O4FpkLEOerXCsMz
|
||||||
|
BJb7o3RpRzM6qi1T1pti3UA/k4uiWZjHNAVWxUbzV08f9LMoxrZIO6EJT/3IqdsH
|
||||||
|
QoG1RYEo4BNLo3ZGns+ksIpaRIyOV3bIVWdaR0+P9MbRBVDuWGkVrZtBrAIm18LJ
|
||||||
|
Qosvi1aIlQKBgF9rJ5VfXKJZOuFNDydLQ+EFbTbksj72wP+cMnbE8PBrZAC9j4bL
|
||||||
|
LMGps1r87GjAkqS/tP+9rtPV5oTKUeCpag7mpAj2Iu5r2Wg2C47ZD1z26YXxd0v5
|
||||||
|
eMKg678ZFHc46LXPRMv5BK4cV66z08uQP8yT/ry9AyOlfU1xec3Yx8i/AoGBAMhM
|
||||||
|
oVpQLz8+5DuEurP6SivmgPhvcfkaRjD7JLiAEnxiMvmP3DkENV6aJ+Ghe2Ln3jpU
|
||||||
|
3m2uBZ3CWzzXeYKa2zy8rkz61RQcoO1CLaaWq/0sB5JPWmo8ijFvl3TZ26CZG2Fx
|
||||||
|
krFzMlRx1DzykifRNh1LCS7Scic6qJ/5d8XcT9OJAoGAQFuWM2jhSAfrQw64nWuO
|
||||||
|
PkDYOKKtZij6RPdbxWH/A8uew8UCxJel8Q703GPRmRX0+1rhQ5jFfwWTgmQt5Kyb
|
||||||
|
zm8uk7Xa6CIZyC83F8j93AvBWHzJh7eI9xWuiTc9KGva4gKn443HM/Uz4NCGogWr
|
||||||
|
a428qWxj5+yxEpeZhqvhPic=
|
||||||
|
-----END PRIVATE KEY-----
|
||||||
Reference in New Issue
Block a user