三、 安装服务器
1、 到http://openvpn.net/上下载openvpn的最新版,时至今日是openvpn-2.0.9.tar.gz。
a) 网上都说还需要lzo这个压缩库。我没有安装,在编译程序的时候只需要加上--disable-lzo就可以了。这样所有要安装的就是一个包openvpn-2.0.9.tar.gz。
2、上传到服务器gait.buaa.edu.cn上,解开成为/root/openvpn-2.0.9。
3、 cd /root/openvpn-2.0.9
4、 ./configure --disable-lzo。
a) 这个过程很可能需要Redhat的一些开发包,我安装的时候又打上了openssl-devel-0.9.7a-43.2.i386.rpm、zlib-devel-1.2.1.2-1.2.i386.rpm、e2fsprogs-devel-1.35-12.2.EL4.i386.rpm,当然如果是完全安装的服务器就不用了。
5、 make ; make install
a) 我在很多机器上都做了编译,不应该出现任何问题。这个软件做的还是不错的。
6、 生成证书
a) cd /root/openvpn-2.0.9/easy-rsa
i. export D=`pwd`
ii. export KEY_CONFIG=$D/openssl.cnf
iii. export KEY_DIR=$D/keys
iv. export KEY_SIZE=1024
v. export KEY_COUNTRY=CN
vi. export KEY_PROVINCE=BJ
vii. export KEY_CITY=BJ
viii. export KEY_ORG="buaa"
ix. export KEY_EMAIL=guojie.jin@hotmail.com
b) ./clean-all
c) ./build-ca
./clean-all
./build-ca
Generating a 1024 bit RSA private key
................++++++
........++++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [BJ]:
Locality Name (eg, city) [BJ]:
Organization Name (eg, company) [dvdmaster]: buaa
Organizational Unit Name (eg, section) []:gait
Common Name (eg, your name or your server's hostname) []:server
Email Address [guojie.jin@hotmail.com]:
d) ./build-key-server server
./build-key-server server
Generating a 1024 bit RSA private key
......++++++
....................++++++
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [BJ]:
Locality Name (eg, city) [BJ]:
Organization Name (eg, company) [buaa]:
Organizational Unit Name (eg, section) []:gait
Common Name (eg, your name or your server's hostname) []:server
Email Address [support@cooldvd.com]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:abcd1234
An optional company name []:dvdmaster
Using configuration from /openvpn-2.0.5/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName RINTABLE:'CN'
stateOrProvinceName RINTABLE:'GD'
localityName RINTABLE:'SZ'
organizationName RINTABLE:'dvdmaster'
organizationalUnitNameRINTABLE:'dvdmaster'
commonName RINTABLE:'server'
emailAddress :IA5STRING:'support@cooldvd.com'
Certificate is to be certified until Mar 19 08:15:31 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
![asterisk安装实录之CentOS 5.2安装[多图]](../../upload/2008_10/081020071615331t.jpg)
asterisk安装实录之Ce![让XManager也支持中文Solaris系统[图文]](../../upload/2008_10/081004071585281t.jpg)
让XManager也支持中文![[图文]使用Linux下的X命令与XP下的Xmanager远程登录rhel5 server的gnome桌面](../../upload/2008_10/08100407094602t.jpg)
[图文]使用Linux下的X
Linux和Windows的远程
Linux下的X-Lite安装
Ubuntu下用edna与High![unix系统下FTP上传文件经常中断或超时的解决方案[图文]](../../upload/2008_08/080828193350441t.jpg)
unix系统下FTP上传文
另人惊讶!诺基亚手机