Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change CA Name #10

Open
SquirrelCoder opened this issue Mar 17, 2016 · 8 comments
Open

Change CA Name #10

SquirrelCoder opened this issue Mar 17, 2016 · 8 comments

Comments

@SquirrelCoder
Copy link

Hello,

Thanks Sir for this outstanding script.
Is it possible to change certificates name? like Organization name, CA name?

Best Regards,

@pl48415
Copy link
Owner

pl48415 commented Mar 19, 2016

I'm looking into it,
best regards

@pl48415
Copy link
Owner

pl48415 commented Mar 19, 2016

I added the feature, please try it: https://github.com/pl48415/openvpn-install-advanced/tree/testing

@SquirrelCoder
Copy link
Author

WOW, Sir, thank you very much, I will test it on a newly installed Debian 8 serve, and report back.
Thanks a lot Sir, I greatly appreciate it.

@SquirrelCoder
Copy link
Author

Okay, So I test it, the question is there "Do you to change CA NAME, STATE, etc" after I entered "y" , the script doesn't let me enter any value (like the ca name/state/etc...), it goes automatically to the next step, until "Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue..." and I ctrl+C here , so I think there is some problem, because after this step the server.conf and client.conf will be generated.

@pl48415
Copy link
Owner

pl48415 commented Mar 19, 2016

This behavior is normal, it will ask you during installation because it is part of certificate creation, maybe I should remove "Okay, that was all I needed....". Please try it.

@SquirrelCoder
Copy link
Author

Yes Sir, you are right, sorry, the script now accepts values for CAs, outstanding work, just there is this:

Sun Mar 20 01:16:55 2016 VERIFY OK: depth=1, C=RU, ST=testCountry, L=testCity, O=testing, OU=testingNewName, CN=TEST, [email protected]
**Certificate Co, OU=My Organizational Unit, CN=server, [email protected]**

so the first one is the one that I entered the values, but the second one is still unchanged, don't what the difference is.
is it possible to change the second one too?


and I have another question:
nyr script uses Blowfish authentication by default, is that correct?
because for me AES is pretty slow when using this script but nyr scripts is pretty fast, so I was thinking, that this issue should be related to the cipher you have used in this script?

Thanks Sir

@pl48415
Copy link
Owner

pl48415 commented Mar 19, 2016

I will look into certificate problem further. You can change cipher during setup, try others. Also try without additional TLS layer and choose 2048bit RSA. If you are using TCP it will be slower than UDP.
Just to clarify by "pretty slow" are you talking about connection speed?

@SquirrelCoder
Copy link
Author

Thanks Sir for the reply, Yes, I mean connection speed, when e.g. downloading some file or opening a web page, take e.g. with my Internet Connection w/ AES-256 googles takes "~3" seconds, AES-128 "~1.5" Seconds, and BF-CBC almost instantly ("~1"), to open. but with nyr script it takes almost no time, like even faster than BF-CBC in your script, so I was wondering, if nyr's script even uses any encryption at all? or the block sizes, that nyr's script uses are much smaller?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants