Download the easy-rsa from github:https://github.com/OpenVPN/easy-rsa.git ( as master.zip & unzip the master.zip )
Enter the unziped directory : “easy-rsa-master/easyrsa3”
- Edit the vars.example file as “#set_var EASYRSA_KEY_SIZE 2048” -> “set_var EASYRSA_KEY_SIZE 4096” : To have better encryption. And cp file vars.example as vars
- Initialize the easyrsa “./easyrsa init-pki”
- if you will use easyrsa with openvpn create dh parameters: “/easyrsa gen-dh”
- For building ca : “./easyrsa build-ca”
- For creating client keys: “./easyrsa gen-req <client>” : This version requires passphrase for the keys
- For creating client keys without pasword: “./easyrsa gen-req <client> nopass”
- Steps for creating server keys & signing them
- For creating server keys: “./easyrsa gen-req <server_name> nopass”
- Import Request: “./easyrsa import-req <path to req file: sample -> ./pki/reqs/<file_name>>” Name_of_Req
- See Requests: “./easyrsa show-req”
- Sign the Requests: “./easyrsa sign server Name_of_Req”
- The results: CRT file : “./pki/issue/<crt_file>” & KEY file: “./pki/private/<key_file>”