Question

Probably better to save the client-config directory in the CA rather than server

Posted September 13, 2021 60 views
UbuntuSecurityVPNUbuntu 20.04

Thanks for the amazing tutorial. I was thinking it would be better to save the client-config directory in the CA rather than the server for the following reasons

  • The CA files can be put on a removable drive for high security and used only when necessary
  • no need to copy client.req to CA in order to sign it
  • if server is compromised, then attacker can have access to the private key of client.
Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!