jeanb

Forum Replies Created

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • in reply to: VPN and Microsoft’s Certificates [Resolved] #51699

    jeanb
    Member

    For a user (not a server):
    – instal certificate,
    – extract it (with MMC “Certificates” or IE by example) in “filename.pfx”.

    Use the “.bat” below:
    openssl pkcs12 -in filename.pfx -nocerts -out key.pem
    openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
    openssl rsa -in key.pem -out server.key

    The result file “server.key” contains the pivate key.

    In Zeroshell:
    – in certificate, select file “cert.pem”,
    – in key, select file “server.key”.

    This doesn’t work for server: I’m not able to extract a file with private key, only without…

    Thanks for all.

    in reply to: VPN Lan-to-Lan – ping doesn’t work [Resolved] #51689

    jeanb
    Member

    A friend of mine explain me what to do.

    Solution 1: in each Zeroshell machine at the beginning and the en of the tunnel, you have to give an IP address to VPN interface: when you create the tunnel, in fact, you add a new interface. And this interface has no IP address.

    These new IP adresses have to be in a new IP network (192.168.0.0/24 for example).

    Solution 2: create a bridge: you select the VPN interface and the ETHxy that begins (or ends) the tunnel.

    For each solution (1 or 2), don’t forget to create a static route.

    in reply to: VPN Lan-to-Lan – Error 111 [Resolved] #51690

    jeanb
    Member

    I’ve found…

    My own certificate has:
    – Certificate purposes:
    . SSL client : No
    . SSL server : Yes

    If I change to:
    . SSL client : yes,
    it works.

    How to do that ?

    In my scripts, when I sign certificate using “openssl ca -config file_config”, I use a config file.

    In this config file, I’ve to add: “client”:
    nsCertType = client, server, objsign

    in reply to: X509: which certificate ? How to do ? [Resolved] #51687

    jeanb
    Member

    The importation seems to be good (I’ve not tested if my VPN is fine after).

    In “Certificate”, I select a file that contain the certificate user or server. I use file “.crt” that contains private key, and the key is not protected with passphrase.

    In “key”, I use a “.crt” file that contains the key of the server or the user. This key is not protected by passphrase.

    Thanks for all.

    in reply to: No reboot [Resolved] #51651

    jeanb
    Member

    “Old” VMWare 1.0.7 to 1.0.9 create the same problem (I’ve not tested with VMWare 2.0″).

    With Virtual Box 3.2, no problem. All is fine.

    Thanks for all.

Viewing 5 posts - 1 through 5 (of 5 total)