Where can I find a description of all OpenVPN certificate keys?

E

Enlighted_one2020-03-25 01:35:12

openvpn

Enlighted_one, 2020-03-25 01:35:12

Good afternoon, I encountered the generation of certificates on mikrotik. There is a whole bunch of keys that can be included when creating a certificate, where I can find a description of which key is responsible for what, otherwise they simply indicate which keys to include, and everything is different, but what these keys mean and give is unclear.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

CityCat4, 2020-03-25
@CityCat4

There is no such description anywhere. Google PKI, X.509 and the like. You can read mana on openssl. This is actually a constructor, where everyone builds what he wants for himself.
There is a book "Building secure corporate networks", there are a couple of chapters about certificates, but there are mainly about how to request and issue them, as well as how to configure different software for them.
The tags are incorrect: certificates are used in a lot of places, not only in openVPN

Z

Ziptar, 2020-03-25
@Ziptar

https://www.v13.gr/blog/?p=386
The "bug" section has details on why a certain combination is needed. However, the article could be out of date, because. several versions of openvpn have changed since then.
As for the key usage itself, this is more of an administrative story than a technical one. You can follow the standard , but you can not really. You can even create and use arbitrary OIDs.