From 349cfa7acb95abe865209a28e417ec74b56f9bba Mon Sep 17 00:00:00 2001
From: Alberto Gonzalez Iniesta <agi@inittab.org>
Date: Tue, 21 Feb 2012 15:53:40 +0100
Subject: Imported Upstream version 2.2.1

---
 easy-rsa/Windows/README.txt | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 easy-rsa/Windows/README.txt

(limited to 'easy-rsa/Windows/README.txt')

diff --git a/easy-rsa/Windows/README.txt b/easy-rsa/Windows/README.txt
new file mode 100644
index 0000000..2ede7b1
--- /dev/null
+++ b/easy-rsa/Windows/README.txt
@@ -0,0 +1,44 @@
+Extract all zip'd files to the OpenVPN home directory,
+including the openssl.cnf file from the top-level
+"easy-rsa" directory.
+
+First run init-config.bat
+
+Next, edit vars.bat to adapt it to your environment, and
+create the directory that will hold your key files.
+
+To generate TLS keys:
+
+Create new empty index and serial files (once only)
+1. vars
+2. clean-all
+
+Build a CA key (once only)
+1. vars
+2. build-ca
+
+Build a DH file (for server side, once only)
+1. vars
+2. build-dh
+
+Build a private key/certficate for the openvpn server
+1. vars
+2. build-key-server <machine-name>
+
+Build key files in PEM format (for each client machine)
+1. vars
+2. build-key <machine-name>
+   (use <machine name> for specific name within script)
+
+or
+
+Build key files in PKCS #12 format (for each client machine)
+1. vars
+2. build-key-pkcs12 <machine-name>
+   (use <machine name> for specific name within script)
+
+To revoke a TLS certificate and generate a CRL file:
+1. vars
+2. revoke-full <machine-name>
+3. verify last line of output confirms revokation
+4. copy crl.pem to server directory and ensure config file uses "crl-verify <crl filename>"
-- 
cgit v1.2.3