Site Navigation

Date:      Mon, 16 Nov 2015 17:00:58 -0500
From:      Jon Radel <jon@radel.com>
To:        Dave B <g8kbvdave@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: Help/advice request please.
Message-ID:  <564A521A.90406@radel.com>
In-Reply-To: <EB867E94-B658-4E58-91D2-6093888F4EB8@gmail.com>
References:  <564A4CE3.9663.851BBC@g8kbvdave.googlemail.com> <EB867E94-B658-4E58-91D2-6093888F4EB8@gmail.com>

---

index | next in thread | previous in thread | raw e-mail

---

[-- Attachment #1 --]
On 11/16/15 4:45 PM, Manas wrote:
> Hello Dave,
>
> I run a few openvpn servers on FreeBSD. I use https://openvpn.net/index.php/open-source/documentation/howto.html as my guide. Feel free to email me directly with any questions.
>

I was just looking at that one, not having setup OpenVPN from scratch in 
a while now.  Looks perfectly reasonable.


>
> But there is no guidance as to what the other field values should (or
> should
> not) be.  Such as region/state etc.
Ooooo, nobody's let you in on the secret.  :-(   Those don't matter.  
Make them whatever makes you happy, and that includes empty.

In a private CA world really the only field you have to worry about is 
the Common Name.  It's nice to set the other values to something 
sensible, particularly if you're doing a private PKI for a large firm, 
where it's handy to track contact information, etc., etc., as part of 
the certificate, but that's all to keep the humans from getting 
confused.  Now, if you're getting your certs from another party, they'll 
want you to either put in real values or leave the values blank, 
depending on what they're certifying by signing your certificate, but 
that's out of your scope.

--Jon Radel
jon@radel.com


[-- Attachment #2 --]
0�	*�H��

��0�

10
	`�H
e
0�	*�H��


��
�0��0���
�#��S��anzTgk!0
	*�H��


0o10	USE10U
AddTrust AB1&0$UAddTrust External TTP Network1"0 UAddTrust External CA Root0
141222000000Z
200530104838Z0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0�
"0
	*�H��



�
0�

�

��
�zSNpR�V�&��I���Q���ZI���`�zQB�y��"�aN��v#
�J�	�n�=ٺ�����.CRC|�2PȦOZ��ϓ%�{��0d��V��*$3��D�i��FK�3��@�����@���:�*S��= a<U��Nv%!)��|qvO��_���T���{5R���"=,0-1Y�R7�3i-C��֥�wgQ���'뼥8v���8�ߌ��I���s�:2���:=F:WtaP��@?��⟢!

��
0�
0U#0����z4�&���&T���$�T0U�ak�ᢠ�O�g�£�����0U

�
�0U

�0

�
0U%0+
+
0U 
00U 0DU=0;09�7�5�3http://crl.usertrust.com/AddTrustExternalCARoot.crl05+


)0'0%+
0
�http://ocsp.usertrust.com0
	*�H��


�

*n�U�:������U�ka+�	#��fjo����w^a�}�������[jr
A���X�&���M������X�"c�R��6�}X�ޫ;c���s����{���B#�ʶ�M>�K��-�ػBK�i�ۦ74�{�
���:ǟO�4n�e�������6����d)5�ֱ�q�C��>��2S�v�ʆ4�,��Jؙ
��␒�ZBj#!�e��ջ~ꌅ b��:,Yř3�8���zy�J&�|���0��0��
sT�<}k��
`i
��
0
	*�H��


0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0
150330000000Z
180329235959Z0��10	UUS10U2215010	UVA10USpringfield10U	6917 Ridgeway Dr.10U
Jon T. Radel1200U)Issued through Jon T. Radel E-PKI Manager10UCorporate Secure Email10U	Jon Radel10	*�H��

	

jon@radel.com0�
"0
	*�H��



�
0�

�

��a�Щ������@@g3eGރ�͛�;	�d�#��>�q7&Hf�
:��3�v�L"��jV#�Xݷ�>U��-�H[$�S�Uڻ�{�Ϝ�,���z¶���I���chO��=rcy��r����n�v.V��h�7��k;���%u�e�Y��uӬ��󯅅���n�z����6!| !�A�ȡ�+�,�����u�+ 
�CA�պF-��u�n�#�vj���UJ��W�nk%�j]�
2�JP�kl��

��
�0�
�0U#0��ak�ᢠ�O�g�£�����0U��
�E�|G�Dp��/�ʚB�0U

��0U

�00U%0+
+
0FU ?0=0;+

�1

0+0)+

https://secure.comodo.net/CPS0]UV0T0R�P�N�Lhttp://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl0��+


��0��0X+
0�Lhttp://crt.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crt0$+
0
�http://ocsp.comodoca.com0U0�
jon@radel.com0
	*�H��


�

KS��`?���H���_D`�8G߿VbĘ��<��t�B-Ӈї|��{'��Ũ�ݹg0Gp�$��������������%F(;*��M��O*g����t�$@�����t6���,�?0���|�#�ă�z�,�&!{j�2i��[%�b�7ߪ�P+�9G�㲍["y<?���8rZ'��[U���R6%����L̤
��w"�=:L����~�Ƨ^��jf���3�6� ��OP��1�•.}(��e�1�A0�=

0��0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0
	`�H
e
��a0	*�H��

	1	*�H��


0	*�H��

	1
151116220058Z0/	*�H��

	1" �0���ģ�J�;�dv}���'?��ĥr� f0l	*�H��

	1_0]0	`�H
e
*0	`�H
e
0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��	+

�71��0��0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0��*�H��

	1�����0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0
	*�H��



�
*πyK^���ȉ`�>��7��~K��"�6n�_1%~��%X)��L�g$ַ�>��*��\��2�3��?��Ǟ��G֭e��
A�%��P��ai�*yl�{��g򱒸���K\�0�֣�}��w�C+W��tt!�?{�+{��G���-(��u����1�,�,� ��<�?�aߌ1�SWԥ|�=[{�G��7�K����hX�f!/p����g�|ƕ��:�34mq������J��k��i����d�t

home | help

---

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?564A521A.90406>

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact