ca
This commit is contained in:
Vasco
@@ -13,3 +13,6 @@ yum install -y epel-release
|
||||
|
||||
# --- interfaces ---
|
||||
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
||||
|
||||
cp httpd.conf /etc/httpd/conf/
|
||||
cp ssl.conf /etc/httpd/conf.d/
|
||||
|
||||
@@ -13,3 +13,7 @@ yum install -y openssl
|
||||
|
||||
# --- interfaces ---
|
||||
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
||||
|
||||
# le openslll
|
||||
|
||||
cp openssl.cnf /etc/pki/tls/
|
||||
|
||||
@@ -51,14 +51,20 @@ sudo iptables-save > /etc/sysconfig/iptables # :3
|
||||
# deviamos meter os comandos utlizados no relatorio
|
||||
# os ficheiros ja estao criados
|
||||
|
||||
ca ca.crt #
|
||||
cert gw-vpn.crt #
|
||||
key gw-vpn.key # ya
|
||||
# Copiar o Self-signed Certificate Authority
|
||||
ca_dir="/etc/pki/CA"
|
||||
mkdir -p $ca_dir
|
||||
mv ca.crt $ca_dir
|
||||
|
||||
# Criar vpn certificate
|
||||
openssl ca -in ca.csr -cert ca.crt -keyfile ca.key -out vpn.crt
|
||||
mv vpn.key $ca_dir
|
||||
mv vpn.crt $ca_dir
|
||||
|
||||
cp vpn.conf /etc/openvpn/server/
|
||||
|
||||
# NOTA(vasco): o ficheiro conf vai ser vpn.conf pq isso é o nome do serviço
|
||||
|
||||
# NOTA(vasco): talvez deviamos correr diretamente via o comando
|
||||
# em vez de via serviços
|
||||
sudo cp vpn.conf /etc/openvpn/server/
|
||||
sudo systemctl enable --now openvpn-server@vpn.service
|
||||
|
||||
21
ca.crt
Normal file
21
ca.crt
Normal file
@@ -0,0 +1,21 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDaTCCAlGgAwIBAgIUD2JnuJYQPRP/h3PPf1FsiNHLUekwDQYJKoZIhvcNAQEL
|
||||
BQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAPBgNVBAcMCENv
|
||||
aW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAKBgNVBAMMA1ZQ
|
||||
TjAeFw0yNjA0MjAxMTAzMDhaFw0yNzA0MjAxMTAzMDhaMF0xCzAJBgNVBAYTAlBU
|
||||
MRAwDgYDVQQIDAdDb2ltYnJhMREwDwYDVQQHDAhDb2ltYnJhYTELMAkGA1UECgwC
|
||||
VUMxDjAMBgNVBAsMBUZDVFVDMQwwCgYDVQQDDANWUE4wggEiMA0GCSqGSIb3DQEB
|
||||
AQUAA4IBDwAwggEKAoIBAQDaDICRTLW69RpumTHY6kBy6Ip4QPzoB+nCbvFEYtM2
|
||||
mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0dBt+rC7IF3gKrLNTNCadjk7+zualG
|
||||
6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9pPcBXsl8LlIodxVe8P2R02Tubgp/i
|
||||
mKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJnNUM3oJF1do9JlnjNJZcI63nb+6K
|
||||
bvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4kzKGPzdYO8orKKp8fbkrcwRO98gb
|
||||
lib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJuLENM+a5AgMBAAGjITAfMB0GA1Ud
|
||||
DgQWBBRbBGnllBjk6IPuPY16Xr+4surKuzANBgkqhkiG9w0BAQsFAAOCAQEAGP5/
|
||||
rS39yY/rs3yc6KE0ag9gIN2YU34nTNps3MUlGJ5/E6mMBLdlNh5EKIn+Df81wNhG
|
||||
qETLw/1VScZiZK6waH2svDPPKk76e/4oY6JF+xCnOayOIBwYgYvUqrG1I0KjTmEO
|
||||
Qg0AlZg84pkyLRzd2vN/opzSz/r6hQJgQQ/kwbiJxX3dpwRwrees4OO18LN31l1Y
|
||||
Gsna3u6IWLWouc4Q60i6AptW9pzCPI0op7UlZyqezLI/osG9jv4RSr8aq0reH0Zs
|
||||
TWso/PMtltVgLuTLqE5oU+GW/3r0H2LA0q6qsLHCSbQRHcwNdU2UbuFzXKqn5vgv
|
||||
5tjt5x4YgUgGSth7Qg==
|
||||
-----END CERTIFICATE-----
|
||||
17
ca.csr
Normal file
17
ca.csr
Normal file
@@ -0,0 +1,17 @@
|
||||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIICojCCAYoCAQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAP
|
||||
BgNVBAcMCENvaW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAK
|
||||
BgNVBAMMA1ZQTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoMgJFM
|
||||
tbr1Gm6ZMdjqQHLoinhA/OgH6cJu8URi0zaZ2CafR7U8uDUXCiwvSHwHE7JYCkaV
|
||||
upgpXR0G36sLsgXeAqss1M0Jp2OTv7O5qUbrC8QrUftG16jT9jkMXbj9X4aKERTO
|
||||
S27wr2k9wFeyXwuUih3FV7w/ZHTZO5uCn+KYooe8RHrLsU9zRQ2SqpNZiGprwoum
|
||||
42pm8Mmc1QzegkXV2j0mWeM0llwjredv7opu9mOP22pFt1uoTcDs1MODtqBO3b3x
|
||||
QYRHs3iTMoY/N1g7yisoqnx9uStzBE73yBuWJviBUR2xjckEJAuzpC3Bb56HCFVU
|
||||
iodAw4m4sQ0z5rkCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQARfdJpU+K1v7rR
|
||||
IOPfHUq4BWApbhrv7bqwykK+YgyWzmEzNSp7jq91Wa4GnokbHruGsp+M0h3C/5fw
|
||||
EhZakFDwykThVbxRk+iuPp7MpXPKMPGvFVzxIrD9xk7KSBUnhx0+dhwu5r0U+Uqh
|
||||
A5HP44nUHjnIWQ+nah9IA4Z4ldks6bvl6rBrZf1znLLq/kZSb6bSsg9zLFJyJzeH
|
||||
v5amC2OKPqREqeKzNQJhUNMAU360zDi8sf+dvDDtcwaevk71g/SEcZbJbw1KMR6g
|
||||
orORkT5uSi97mTJ8+hZMw+0hNyqBG/Zflq6aMzm97RlBGHBhFL/5ITpYx+S7vcQC
|
||||
EehlTcbM
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
28
ca.key
Normal file
28
ca.key
Normal file
@@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaDICRTLW69Rpu
|
||||
mTHY6kBy6Ip4QPzoB+nCbvFEYtM2mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0d
|
||||
Bt+rC7IF3gKrLNTNCadjk7+zualG6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9p
|
||||
PcBXsl8LlIodxVe8P2R02Tubgp/imKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJ
|
||||
nNUM3oJF1do9JlnjNJZcI63nb+6KbvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4
|
||||
kzKGPzdYO8orKKp8fbkrcwRO98gblib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJ
|
||||
uLENM+a5AgMBAAECggEAAlGgopBGkfvg5DUg8onk4Hv121sd6BX2dSeCzWurdptl
|
||||
UQgqW28Z/+be8t2YB3P3+wfEkzUs2Ej/U8t9YIdV2ooJV0/unZVufZNQ4MzMNAQp
|
||||
pRRMsW+yo9mzjC4uxySlqeD+bG0ttZrdvgXRYvVeB/ne9qZWZ/rOGw/Y2mRlxiN8
|
||||
9aotelpIFboy1CXyYBRlcVPgqDNCvbvFkJ+uAqWDjvKOzqML45qfhTiTCcPNwZ0v
|
||||
lZhZtvhIen5hepOII2VSnNoVxdWSIy+p8//1LT5EvSaK7+vyGRS/dLyjAdMTmWUW
|
||||
92NsuD0hOGZdejy0vzVxowcXEkZ3aDmqAxHZhIY90QKBgQD5ZPtgA2BCdSnnt4lk
|
||||
nyH0SJqOmLs2NzgzP6jDgLbH5Xd8zQa0Jk41Axttj91d+l31SqKF30+lTfRU6RBq
|
||||
p6E5kF8LNm0ZA2PgPvmq/a4eS2eEjGl39DHsVMzvCsiN5ic05SP1VKgxM5hD+1U0
|
||||
KK8cGwABrc9OIh8sxDmwzdsbUQKBgQDf0vs+DGgLBHwAkenruUGAy/KqFk3wNKG8
|
||||
lRzGgvqUqi+XqWLPS7u2FdstCnMTS1L4g/IKkgR15BCi3MkBh1JwQ8MWT/zE0nHQ
|
||||
3oJHMhXXWLp3ft1PQ74BN2al0TNu/U2h7vrRhlVNg1iLcBfMI4yqqyjV8YEZEBaH
|
||||
RhsDuNDq6QKBgQCyy/PwNNtpKeh+KLZGvlOwd/DetJ7bUqFnFIegigIAtAGDJtZc
|
||||
h23gUbbzSIXzH1EHT5fPFHdcUtQNn/3WCRHsXBXXyxBSM30CQwPp0+9l5rdzbtsa
|
||||
VacJAQ7ffcKlANEw+epas3PVumC6tFC0kUphgvXxPjP2lz30cUXO/PbN0QKBgEq5
|
||||
rZexnKrQ/HVUQbypRO0zKfkPKUYgzD6hqdG8uNwZVXpU2uBKcIkCEwKeknzGkRTX
|
||||
OF+/EC4rzkIRZCpWe3dvqBoy6jjr6YPKRcRvPEuBG//5Ivnrq+vMC0Eg7wMHHnwJ
|
||||
xUNejewrBczHx6on1DbGngOPdYJglKTlCu/bLCTBAoGAKTHPH1YJPRbn7yEzpdjt
|
||||
22aoxEjwSVIyQc49Q5Ophuvwit+7CeiJ2bRqHadRmJA65Z/4MJ4O3LupLa0BaGS0
|
||||
+F1+sW5ap37qisJrHlSUfVN/IPhonmnULV9DEwj3ronYsmYHaY1TPI/tQaTLN1Q4
|
||||
Kcr3D6K2flqH6rmEX3KKLMA=
|
||||
-----END PRIVATE KEY-----
|
||||
0
httpd.conf
Normal file
0
httpd.conf
Normal file
0
openssl.cnf
Normal file
0
openssl.cnf
Normal file
2
v3_ca.ext
Normal file
2
v3_ca.ext
Normal file
@@ -0,0 +1,2 @@
|
||||
keyUsage = cRLSign, digitalSignature, keyCertSign
|
||||
basicConstraints=critical,CA:true,pathlen:0
|
||||
4
vpn.conf
4
vpn.conf
@@ -3,7 +3,7 @@ port 1194
|
||||
proto udp
|
||||
dev tun
|
||||
ca ca.crt #
|
||||
cert gw-vpn.crt #
|
||||
key gw-vpn.key # ya
|
||||
cert vpn.crt #
|
||||
key vpn.key # ya
|
||||
dh dh2048.pem
|
||||
server 10.60.0.0 255.255.255.0
|
||||
|
||||
28
vpn.key
Normal file
28
vpn.key
Normal file
@@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC47TvtHVNPSXnI
|
||||
PIR1AEpFa7nR7EgwRAoA0eHsAd+4sKip8ay+6WmGc1W5A9egf6meizg2QCcLcwTm
|
||||
7SS3ZTCYYtGP23OtQr8AZDpZeiRcxyjQUEjEPNhJWSr7RXnbHbgk2IQGtNhnBhys
|
||||
LtupuYgOIBHmyIjzYpKA7sy/oRTXmvNwyk7vcLm6IbewnNap32swHrmzsSJzDrDV
|
||||
kRMT2DQDBbYLJ5H+5gDfmJ5HAjOcMwE75GbwGeDKa1UT49aFp300Avnwr2ecqqMa
|
||||
44RZ3sc10/8igNxsNZXQsuEvv4YxXDOZVikMPxAnt5t9wq7WPwLCh4G0NUUasTSG
|
||||
URbJYTvTAgMBAAECggEAA8zlozZWkiBlmc6wlCz42cYLJWbF3Flm8Tm0UGLWI61c
|
||||
Z1MET09sWpXVMv5YDerXDrSNZ66tfr09jQyzk/dG5o16rApWWBRb6NimdanzxFpY
|
||||
GuEuKvuVyvrDo4f70fEhlH7vRlSsxn/oJ/ELP54vTxxWnIJjhMjyT3xY2y6mxyrV
|
||||
mKfp2YVPyKCj5R01Fw4BfL9Xu4qn0ROCZuVYYgffLGFKEPJluTdxfQ4XFTgOdC4/
|
||||
aemWIZQ9wGRoL0A3kCeNhwsPcWbtHSLE1/oR6E0TAMlMvNWRkrvxx9CmGRCtePiH
|
||||
a2Yi9qjX42G/77ueL6N52fkK/GUB1F827rZ6xgiiVQKBgQDcZr23Gvyhxm2vLKhB
|
||||
/tsOBiM1lbSMp38RxsLKOoSzFbQMZKjDWNL1GIF2n5r/VQh79N0fV4QUEq4bhtTo
|
||||
WF/cD11xsjSkq66CAvmzgu4En0Ef0FXfZib19HRSAWKznhXgnnYiyirsBibOj3b+
|
||||
kNgVCftedLvuEZEQ1ZPiZJTQxwKBgQDWy6u/oawz983pMx9G+O4FpkLEOerXCsMz
|
||||
BJb7o3RpRzM6qi1T1pti3UA/k4uiWZjHNAVWxUbzV08f9LMoxrZIO6EJT/3IqdsH
|
||||
QoG1RYEo4BNLo3ZGns+ksIpaRIyOV3bIVWdaR0+P9MbRBVDuWGkVrZtBrAIm18LJ
|
||||
Qosvi1aIlQKBgF9rJ5VfXKJZOuFNDydLQ+EFbTbksj72wP+cMnbE8PBrZAC9j4bL
|
||||
LMGps1r87GjAkqS/tP+9rtPV5oTKUeCpag7mpAj2Iu5r2Wg2C47ZD1z26YXxd0v5
|
||||
eMKg678ZFHc46LXPRMv5BK4cV66z08uQP8yT/ry9AyOlfU1xec3Yx8i/AoGBAMhM
|
||||
oVpQLz8+5DuEurP6SivmgPhvcfkaRjD7JLiAEnxiMvmP3DkENV6aJ+Ghe2Ln3jpU
|
||||
3m2uBZ3CWzzXeYKa2zy8rkz61RQcoO1CLaaWq/0sB5JPWmo8ijFvl3TZ26CZG2Fx
|
||||
krFzMlRx1DzykifRNh1LCS7Scic6qJ/5d8XcT9OJAoGAQFuWM2jhSAfrQw64nWuO
|
||||
PkDYOKKtZij6RPdbxWH/A8uew8UCxJel8Q703GPRmRX0+1rhQ5jFfwWTgmQt5Kyb
|
||||
zm8uk7Xa6CIZyC83F8j93AvBWHzJh7eI9xWuiTc9KGva4gKn443HM/Uz4NCGogWr
|
||||
a428qWxj5+yxEpeZhqvhPic=
|
||||
-----END PRIVATE KEY-----
|
||||
Reference in New Issue
Block a user