In iOS IPSec VPN Server on Ubuntu, I create a local CA with openssl.
I’m setting up an OpenConnect VPN, which uses GnuTLS’s certtool generating ca and sign certificates.
I want to use share the same Root CA for both OpenSSL and GnuTLS, so I’m generating request from GnuTLS and signing with OpenSSL.
Apple has it’s own certtool different from GnuTLS, the MacPorts one is named as gnutls-certtool
Prepare
1 2 |
sskajetekiMacBook-Pro:CA sskaje$ mkdir gnutls sskajetekiMacBook-Pro:CA sskaje$ cd gnutls/ |
Create private key
1 2 |
sskajetekiMacBook-Pro:gnutls sskaje$ gnutls-certtool --generate-privkey --outfile server-key.pem Generating a 2432 bit RSA private key... |
Continue reading “Generate Certificate with GnuTLS and Sign with OpenSSL” »
Generate Certificate with GnuTLS and Sign with OpenSSL by @sskaje: https://sskaje.me/2014/02/generate-certificate-gnutls-sign-openssl/