Mettle Knowledge
Search:     Advanced search
Browse by category:

SSL VPN Client Certificate Creation

Views: 1648
Votes: 0
Posted: 19 Jul, 2012
by: Knowledge M.
Updated: 17 Apr, 2013
by: Knowledge M.
Client Certificate Creation from within Mettle SE
  1. Go to Tools >> Certificate Authority Manager >> Certificates
  2. Click on Add New button
  3. Select Method : Create an Internal Certificate
  4. Enter A Descriptive Name
  5. Select Certifying Authority :  The CA which created the Server Certificate
  6. Enter Key Length : 2048 bits
  7. Certificate Type : User Certificate
  8. Enter Lifetime
  9. Enter Country Code
  10. Enter State or Province
  11. Enter City       
  12. Enter Organization
  13. Enter Email Address
  14. Enter Common Name
  15. Click Save
Client Certificate creation using a Linux computer

mkdir /etc/openvpn/easy-rsa
cp -r /usr/share/docs/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
edit /etc/openvpn/easy-rsa/keys/vars

make required entries

source vars
./clean-all

Export CA cert from the server to /etc/open-vpn/easy-rsa/keys/.

./build-key client

To Export the certificate to the client Machine from Mettle SE
  1. Go to Tools >> Certificate Authority Manager >> Certificates
  2. Click on the blue inverted triangle next to the Certificate you wish to export
  3. Select Export Certificate - to export certificate to the client
  4. Select Export Cert Key - to export client Certificate key to the client
SSL VPN Client sample configuration file used in a Linux client computer

cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/
copy ca.crt , client.crt and client.key to /etc/openvpn/.

Create client.conf file with the following lines :

client
dev tun
proto udp
remote <VPN Server IP> 1194
resolv-retry infinite
nobind
persist-key
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
status log/openvpn-status.log
comp-lzo
verb 5

Make sure 'client' keyword is present in the file

To Start SSL VPN client in a Linux client computer type:
/etc/init.d/openvpn start
Also read
document SSL VPN Client: Windows Client Configuration

Others in this Category
document Choosing a VPN Technology
document SSL VPN: If SSL VPN Clients Want to Access a Subnet other than "Local network"
document SSL VPN Troubleshooting
document SSL VPN: To make SSL VPN client use VPN as the Default Gateway
document SSL VPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
document Setting Up SSL-VPN Server
document SSL VPN Client: Windows Client Configuration
document Configuring Client-less SSL VPN



RSS