Thanks for the amazing tutorial. I was thinking it would be better to save the client-config directory in the CA rather than the server for the following reasons The CA files can be put on a removable drive for high security and used only when necessary no need to copy client.req to CA in order to sign it if server is compromised, then attacker can have access to the private key of client.

DigitalOcean Kubernetes: new control plane is faster and free, enable HA for 99.95% uptime SLA

Probably better to save the client-config directory in the CA rather than server

Posted on September 13, 2021
Ubuntu Security VPN Ubuntu 20.04
Asked by e271828r

Connected Tutorial

This question is a follow-up to this tutorial:

How To Set Up and Configure an OpenVPN Server on Ubuntu 20.04

Thanks for the amazing tutorial. I was thinking it would be better to save the client-config directory in the CA rather than the server for the following reasons

The CA files can be put on a removable drive for high security and used only when necessary
no need to copy client.req to CA in order to sign it
if server is compromised, then attacker can have access to the private key of client.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Related Questions

Question

Probably better to save the client-config directory in the CA rather than server

Try DigitalOcean for free

Popular Topics

Questions

Events

Get involved