[root@data ~]# wget http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz
[root@data ~]# wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.03.tar.gz
[root@data 2.0]# vim vars
export KEY_COUNTRY="CN" \\你所在的国家,两个字符为限
export KEY_PROVINCE="HN" \\你所在的省份
export KEY_CITY="changsha" \\你所在的城市
export KEY_ORG="cn6677" \\你所在的组织
export KEY_EMAIL="1250052800@qq.com" \\你的电子邮件
export KEY_OU=cn6677.com \\你所在的单位
Generating a 1024 bit RSA private key
writing new private key to 'server.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [HN]:
Locality Name (eg, city) [Hunan]:
Organization Name (eg, company) [cn6677]:
Organizational Unit Name (eg, section) [cn6677.com]:
Common Name (eg, your name or your server's hostname) [server]:
Name [changeme]:
Email Address [mail@host.domain]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:cn6677.com
Using configuration from /root/openvpn-2.2.2/easy-rsa/2.0/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'HN'
localityName :PRINTABLE:'Hunan'
organizationName :PRINTABLE:'cn6677'
commonName :PRINTABLE:'server'
name :PRINTABLE:'changeme'
emailAddress :IA5STRING:'mail@host.domain'
Certificate is to be certified until Nov 27 22:02:42 2022 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
总用量 68
-rw-r--r--. 1 root root 4038 11月 30 06:02 01.pem
-rw-r--r--. 1 root root 3917 11月 30 06:07 02.pem
-rw-r--r--. 1 root root 1338 11月 30 05:55 ca.crt
-rw-------. 1 root root 912 11月 30 05:55 ca.key
-rw-r--r--. 1 root root 245 11月 30 05:58 dh1024.pem
-rw-r--r--. 1 root root 250 11月 30 06:07 index.txt
-rw-r--r--. 1 root root 21 11月 30 06:07 index.txt.attr
-rw-r--r--. 1 root root 21 11月 30 06:02 index.txt.attr.old
-rw-r--r--. 1 root root 125 11月 30 06:02 index.txt.old
-rw-r--r--. 1 root root 3 11月 30 06:07 serial
-rw-r--r--. 1 root root 3 11月 30 06:02 serial.old
-rw-r--r--. 1 root root 4038 11月 30 06:02 server.crt
-rw-r--r--. 1 root root 781 11月 30 06:02 server.csr
-rw-------. 1 root root 916 11月 30 06:02 server.key
-rw-r--r--. 1 root root 3917 11月 30 06:07 yonghu.crt
-rw-r--r--. 1 root root 781 11月 30 06:07 yonghu.csr
-rw-------. 1 root root 912 11月 30 06:07 yonghu.key
openvpn 20074 root 5u IPv4 94836 0t0 TCP *:openvpn (LISTEN)