Hi,
I have got a simple official SSL certificate (domain.tld) installed my SME. I use it for https and imap purposes.
In the past, before I got this certificate, I installed OpenVPN for tests on the SME as discribed into the wiki
https://wiki.contribs.org/OpenVPN_Bridge, also based on a self generated Authority Certificate made by PHPki => it worked fine.
Now I would like to
configure OpenVPN on my prod SME for a durable use.
First question: as this is only for private use, is there an advantage to use the official CA instead of the self-generated on by PHPki?
Following question: is there a possibility to make PHPki use the official CA (in fact this is a CA + 2 intermediate certificates) to generate the OpenVPN-server and OpenVPN-client certificates?
At this time, all my ssl things are located unter the folders /home/e-smith/ssl*.
A folder /opt/phpki/phpki-store/CA/certs exists and contains "cacert.pem" = the self generated ca certificate I guess.
But there are another folders with files that I don't have from the official certificate:
- /opt/phpki/phpki-store/CA/crl contains 2 files "cacrl"
- /opt/phpki/phpki-store/CA/private contains cakey.pem (the private key refering to the self-generated ca?) => could my SSL ptivate key replace it?
As well as "dhparam" and "takey" that I don't have from the official certificate too.
How should I proceed?
Thanks.
Bye
Arnaud