https://blog.naver.com/qhffhwh312/223143456276
http://engmisankim.tistory.com/40
https://docs.aws.amazon.com/ko_kr/vpn/latest/clientvpn-admin/mutual.html
1.
| git clone https://github.com/OpenVPN/easy-rsa.git cd easy-rsa/easyrsa3 ./easyrsa init-pki ./easyrsa build-ca nopass ./easyrsa build-server-full server nopass ./easyrsa build-client-full client1.domain.tld nopass -------------------------------------------------------- mkdir ~/custom_folder/ cp pki/ca.crt ~/custom_folder/ cp pki/issued/server.crt ~/custom_folder/ cp pki/private/server.key ~/custom_folder/ cp pki/issued/client1.domain.tld.crt ~/custom_folder cp pki/private/client1.domain.tld.key ~/custom_folder/ cd ~/custom_folder/ |
2.
| sudo apt install awscli aws configure --------------------------------------------------- AWS Access Key ID [None]: 엑서스 키 값 AWS Secret Access Key [None]: 시크릿 키 값 Default region name [None]: 리 전 Default output format [None]: 비워두고 엔터 --------------------------------------------------- aws acm import-certificate --certificate fileb://server.crt --private-key fileb://server.key --certificate-chain fileb://ca.crt aws acm import-certificate --certificate fileb://client1.domain.tld.crt --private-key fileb://client1.domain.tld.key --certificate-chain fileb://ca.crt |
3.
| cat client1.domain.tld.crt cat client1.domain.tld.key |
4.
| wget -qO- https://d20adtppz83p9s.cloudfront.net/GTK/latest/debian-repo/awsvpnclient_public_key.asc | sudo tee /etc/apt/trusted.gpg.d/awsvpnclient_public_key.asc echo "deb [arch=amd64] https://d20adtppz83p9s.cloudfront.net/GTK/latest/debian-repo ubuntu-20.04 main" | sudo tee /etc/apt/sources.list.d/aws-vpn-client.list sudo apt-get update sudo apt-get install awsvpnclient |
'네트워크' 카테고리의 다른 글
| AWS 인터넷 게이트 웨이 (0) | 2023.06.21 |
|---|---|
| NTP란 무엇인가? (0) | 2016.01.11 |
| 보안 장비 종류 (0) | 2015.11.09 |
iesay