Code
[Root @ vpnserver ~] # Ntpdate time.nist.gov
[Root @ vpnserver ~] # Mkdir/byrd/tools-p
[Root @ vpnserver ~] # Mkdir/byrd/service
[Root @ vpnserver ~] # Cd/byrd/tools/
[Root @ vpnserver tools] # wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.06.tar.gz # lzo compression module
[Root @ vpnserver tools] # tar zxf lzo-2.06.tar.gz
[Root @ vpnserver tools] # cd lzo-2.06
[Root @ vpnserver lzo-2.06] #./configure
[Root @ vpnserver lzo-2.06] # make & make install
[Root @ vpnserver lzo-2.06] # echo $?
0
[Root @ vpnserver lzo-2.06] # cd ..
[Root @ vpnserver tools] # wget http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz
[Root @ vpnserver tools] # tar zxf openvpn-2.2.2.tar.gz
[Root @ vpnserver tools] # cd openvpn-2.2.2
[Root @ vpnserver openvpn-2.2.2] #./configure -- with-lzo-headers =/usr/local/include -- with-lzo-lib =/usr/local/lib
[Root @ vpnserver openvpn-2.2.2] # make & make install
[Root @ vpnserver openvpn-2.2.2] # echo $?
0 [root @ vpnserver openvpn-2.2.2] # rpm-qa openssl *
Openssl-1.0.1e-42.el6_7.4.x86_64
Openssl-devel-1.0.1e-42.el6_7.4.x86_64
[Root @ vpnserver openvpn-2.2.2] # cd easy-rsa/2.0/
[Root @ vpnserver 2.0] # ll
Total 128
-Rwxrwxr-x. 1 500 500 119 Nov 25 2011 build-ca
-Rwxrwxr-x. 1 500 500 352 Nov 25 2011 build-dh
-Rwxrwxr-x. 1 500 500 188 Nov 25 2011 build-inter
-Rwxrwxr-x. 1 500 500 163 Nov 25 2011 build-key
-Rwxrwxr-x. 1 500 500 157 Nov 25 2011 build-key-pass
-Rwxrwxr-x. 1 500 500 249 Nov 25 2011 build-key-pkcs12
-Rwxrwxr-x. 1 500 500 268 Nov 25 2011 build-key-server
-Rwxrwxr-x. 1 500 500 213 Nov 25 2011 build-req
-Rwxrwxr-x. 1 500 500 158 Nov 25 2011 build-req-pass
-Rwxrwxr-x. 1 500 500 428 Nov 25 2011 clean-all
-Rwxrwxr-x. 1 500 500 1457 Nov 25 2011 inherit-inter
-Rwxrwxr-x. 1 500 500 295 Nov 25 2011 list-crl
-Rw-r --. 1 500 500 413 Nov 25 2011 Makefile
-Rwxrwxr-x. 1 500 500 7768 Oct 21 2010 openssl-0.9.6.cnf
-Rwxrwxr-x. 1 500 500 8325 Nov 25 2011 openssl-0.9.8.cnf
-Rwxrwxr-x. 1 500 500 8222 Nov 25 2011 openssl-1.0.0.cnf
-Rwxrwxr-x. 1 500 500 12675 Nov 25 2011 pkitool
-Rw-r --. 1 500 500 9299 Nov 25 2011 README
-Rwxrwxr-x. 1 500 500 918 Nov 25 2011 revoke-full
-Rwxrwxr-x. 1 500 500 178 Nov 25 2011 sign-req
-Rwxrwxr-x. 1 500 500 1841 Nov 25 2011 vars
-Rwxrwxr-x. 1 500 500 714 Nov 25 2011 whichopensslcnf
[Root @ vpnserver 2.0] # cp vars. bk
[Root @ vpnserver 2.0] # tail-12 vars
# Don't leave any of these fields blank.
Export KEY_COUNTRY = "CN"
Export KEY_PROVINCE = "Zhejiang"
Export KEY_CITY = "Hangzhou"
Export KEY_ORG = "t4x.org"
Export KEY_EMAIL = "root@t4x.org"
Export KEY_EMAIL = root@t4x.org
Export KEY_CN = www.t4x.org
Export KEY_NAME = Byrd
Export KEY_OU = Byrd
Export PKCS11_MODULE_PATH = changeme
Export maid = 1234
[Root @ vpnserver 2.0] # source vars
NOTE: If you run./clean-all, I will be doing a rm-rf on/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
[Root @ vpnserver 2.0] #./clean-all
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 4
-Rw-r --. 1 root 0 Mar 9 13:00 index.txt
-Rw-r --. 1 root 3 Mar 9 13:00 serial
[Root @ vpnserver 2.0] #./build-ca
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Zhejiang]:
Locality Name (eg, city) [Hangzhou]:
Organization Name (eg, company) [t4x.org]:
Organizational Unit Name (eg, section) [Byrd]:
Common Name (eg, your name or your server's hostname) [www.t4x.org]: hz.t4x.org
Name [Byrd]:
Email Address [root@t4x.org]:
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 12
-Rw-r --. 1 root 1330 Mar 9 ca. crt
-Rw -------. 1 root 916 Mar 9 13:04 ca. key
-Rw-r --. 1 root 0 Mar 9 13:03 index.txt
-Rw-r --. 1 root 3 Mar 9 13:03 serial
[Root @ vpnserver 2.0] #./build-key-server
The Subject's Distinguished Name is as follows
CountryName: PRINTABLE: 'cn'
StateOrProvinceName: PRINTABLE: 'Zookeeper'
LocalityName: PRINTABLE: 'hangzhou'
OrganizationName: PRINTABLE: 't4x. org'
OrganizationalUnitName: PRINTABLE: 'Byrd'
CommonName: PRINTABLE: 'server'
Name: PRINTABLE: 'Byrd'
EmailAddress: IA5STRING: 'root @ t4x.org'
[Root @ vpnserver 2.0] #./build-key t4x
The Subject's Distinguished Name is as follows
CountryName: PRINTABLE: 'cn'
StateOrProvinceName: PRINTABLE: 'Zookeeper'
LocalityName: PRINTABLE: 'hangzhou'
OrganizationName: PRINTABLE: 't4x. org'
OrganizationalUnitName: PRINTABLE: 'Byrd'
CommonName: PRINTABLE: 't4x'
Name: PRINTABLE: 'Byrd'
EmailAddress: IA5STRING: 'root @ t4x.org'
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 64
-Rw-r --. 1 root 3893 Mar 9 t4x. crt
-Rw-r --. 1 root 765 Mar 9 t4x. csr
-Rw -------. 1 root 916 Mar 9 13:25 t4x. key
[Root @ vpnserver 2.0] #./build-dh # generate an exchange Key Protocol File
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys/dh1024.pem
-Rw-r --. 1 root 245 Mar 9/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys/dh1024.pem
[Root @ vpnserver 2.0] # openvpn -- genkey -- secret keys/ta. key
[Root @ vpnserver 2.0] # mkdir/etc/openvpns
[Root @ vpnserver 2.0] # cp-ap keys/etc/openvpn/
[Root @ vpnserver 2.0] ############### cp .. /.. /sample-config-files/client. conf/etc/openvpn/
[Root @ vpnserver 2.0] # cp.../sample-config-files/server. conf/etc/openvpn/
[Root @ vpnserver 2.0] # ll/etc/openvpn/
Total 16
Drwx ------ 2 root 4096 Mar 9 keys
-Rw-r -- 1 root 10288 Mar 9 server. conf
[Root @ vpnserver 2.0] # cd/etc/openvpn/
[Root @ vpnserver openvpn] # cp server. conf server. conf. bk
[Root @ vpnserver openvpn] # grep-vE "; |#| ^ $" server. conf # egrep-v "; |#| ^ $" server. conf
Port 1194
Proto udp
Dev tun
Ca. crt
Cert server. crt
Dh dh1024.pem
Server 10.8.0.0 255.255.255.0
Ifconfig-pool-persist ipp.txt
Keepalive 10 120
Comp-lzo
Persist-key
Persist-tun
Status openvpn-status.log
Verb 3
[Root @ hk openvpn] # cp/byrd/tools/openvpn-2.2.2/sample-scripts/openvpn. init/etc/init. d/openvpn
Configure: error: OpenSSL Crypto headers not found.
[Root @ vpnserver openvpn-2.2.2] # yum install openssl-devel
Configure: error: libpam required but missing
[Root @ vpnserver openvpn-2.2.2] # yum install pam-devel