[root@localhost src]# tar zxvf lzo-2.03.tar.gz [root@localhost src]# cd lzo-2.03 [root@localhost lzo-2.03]# ./configure [root@localhost lzo-2.03]# make [root@localhost lzo-2.03]# make check (运行检查,此步骤可以省略) [root@localhost lzo-2.03]# make test (运行全面测试,此步骤可以省略) [root@localhost lzo-2.03]# make install (试用root身份安装)
[root@localhost 2.0]# vi vars (按照上面的内容修改变量文件里的相应变量值) [root@localhost 2.0]# . vars
清理以前的ca证书和密钥 代码:
[root@localhost 2.0]# ./clean-all
生成 CA 代码:
[root@localhost 2.0]# ./build-ca Generating a 1024 bit RSA private key ...............++++++ .....++++++ writing new private key to 'ca.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]: State or Province Name (full name) [SH]: Locality Name (eg, city) [Shanghai]: Organization Name (eg, company) [dzh.com]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [dzh.com CA]: Name []: Email Address [me@dzh.com]: 因为已经在变量里设置过了,所以直接回车就是默认值了。
为 open*** 服务端生成key 代码:
[root@localhost 2.0]# ./build-key-server server Generating a 1024 bit RSA private key .........................................++++++ .........++++++ writing new private key to 'server.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]: State or Province Name (full name) [SH]: Locality Name (eg, city) [Shanghai]: Organization Name (eg, company) [dzh.com]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [server]: Name []: Email Address [me@dzh.com]:
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from /usr/local/src/open***-2.1.2/easy-rsa/2.0/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'CN' stateOrProvinceName :PRINTABLE:'SH' localityName :PRINTABLE:'Shanghai' organizationName :PRINTABLE:'dzh.com' commonName :PRINTABLE:'server' emailAddress :IA5STRING:'me@dzh.com' Certificate is to be certified until Aug 17 07:20:17 2020 GMT (3650 days) Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
为客户端生成key 代码:
[root@localhost 2.0]# ./build-key client1 Generating a 1024 bit RSA private key ....................................++++++ ........++++++ writing new private key to 'client1.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]: State or Province Name (full name) [SH]: Locality Name (eg, city) [Shanghai]: Organization Name (eg, company) [dzh.com]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [client1]: Name []: Email Address [me@dzh.com]:
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from /usr/local/src/open***-2.1.2/easy-rsa/2.0/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'CN' stateOrProvinceName :PRINTABLE:'SH' localityName :PRINTABLE:'Shanghai' organizationName :PRINTABLE:'dzh.com' commonName :PRINTABLE:'client1' emailAddress :IA5STRING:'me@dzh.com' Certificate is to be certified until Aug 17 07:24:46 2020 GMT (3650 days) Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
如果有多个客户端,可以使用 ./build-key 依次生成不同的客户端key。 注意在进入 Common Name (eg, your name or your server's hostname) []: 的输入时, 每个证书输入的名字必须不同。
生成 Diffie Hellman 参数 代码:
[root@localhost 2.0]# ./build-dh Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time ...............................+....+..........................+..............................................................+............+..............+.................................................................+.......................................+............................................+...........+..............+..........................................................................+.......................+.......................................+................................+...........................+........+....................+.+.+........................................+....++*++*++*
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
看到上面的信息就说明 open*** 服务起来了,open*** 服务端配置完毕了。
三、Open××× GUI For Windows 客户端安装过程 1、下载安装Open××× GUI For Windows 从 http://open***.net/index.php/open-source/downloads.html 下载 open***-2.1.2-install.exe 注意: Open××× GUI 的版本要和 Open××× Server 的版本配套。 Windows下的安装过程就不具体说了,安装大家都会的。我使用默认路径安装在C:\Program Files\Open×××下了。
Red Hat Enterprise Linux AS release 4 Update 8 下安装 Open××× 服务器
一、Open××× 的安装环境1、Server 端的环境Red Hat Enterprise Linux AS release 4 (Nahant Update 8)Kernel:2.6.27.48Ip:192.168.0.12、Client 端的环境Windows XP PRO SP2Ip:192.168.0.2二、Open××× 服务端安装...