docker-OpenVPN-server-stack

Go to file

yohan 132f86d659 Add more certs generation. Update README.		2021-12-12 01:21:32 +01:00
.gitignore	Fixed gitignore.	2020-03-31 16:57:22 +02:00
create_conf.sh	Add more certs generation. Update README.	2021-12-12 01:21:32 +01:00
docker-compose.yml	Moved image building from docker-compose to startup script.	2020-02-26 17:43:43 +01:00
docker-compose.yml-subnet	Generalization.	2019-12-31 20:46:17 +01:00
down.sh	Moved image building from docker-compose to startup script.	2020-02-26 17:43:43 +01:00
openssl.conf	Initial commit.	2019-04-14 18:34:38 +02:00
README	Add more certs generation. Update README.	2021-12-12 01:21:32 +01:00
start_or_update.sh	Moved image building from docker-compose to startup script.	2020-02-26 17:43:43 +01:00
stop.sh	Moved image building from docker-compose to startup script.	2020-02-26 17:43:43 +01:00
vars	Generalization.	2019-12-31 20:46:17 +01:00

README

The file ca.key can only be found in the encrypted archive for secrets.

Certificates are created as below and the directory conf is stored in the encrypted archive for secrets:
./create_conf.sh

Two docker-compose files are provided: one in host mode and one for regular docker network.

References:
https://stackoverflow.com/questions/17089889/openssl-x509v3-extended-key-usage
https://forums.openvpn.net/viewtopic.php?t=7484
https://serverfault.com/questions/785108/why-does-openvpn-give-the-error-unsupported-certificate-purpose-for-an-interm
https://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-the-command-line
https://github.com/openssl/openssl/issues/6481