Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
install_24_4_openvpn [2025/11/18 15:40] systeminstall_24_4_openvpn [2025/11/19 04:44] (current) system
Line 198: Line 198:
  
 # --- PKI / TLS (ECC only, no DH) --- # --- PKI / TLS (ECC only, no DH) ---
-ca /etc/openvpn/pki/ca.crt +ca ca.crt 
-cert /etc/openvpn/pki/issued/server.crt +cert server.crt 
-key /etc/openvpn/pki/private/server.key+key server.key
  
-# No "dh" line needed when using EC certificates +# No "dh none" when using EC certificates 
-dh dh.pem   <-- DO NOT USE+dh none
  
 # Optional but recommended: match your Easy-RSA curve (if you set EASYRSA_CURVE) # Optional but recommended: match your Easy-RSA curve (if you set EASYRSA_CURVE)
Line 209: Line 209:
  
 # Protect and hide the control channel # Protect and hide the control channel
-tls-crypt-v2 /etc/openvpn/tls-crypt-v2-server.key+tls-crypt-v2 tls-crypt-v2-server.key
  
 # Only allow modern TLS # Only allow modern TLS
  • install_24_4_openvpn.txt
  • Last modified: 2025/11/19 04:44
  • by system