If you haven't yet installed Clear Linux Latest on your system, you can download it from the official website https://clearlinux.org/downloads.
Before you begin the installation of Easy-RSA, you need to make sure that your system has some of the required packages. Open the terminal and run the following command:
sudo swupd bundle-add devpkg-openssl devpkg-pkgconfig devpkg-gcc
You can clone Easy-RSA using the following command:
git clone https://github.com/OpenVPN/easy-rsa.git
Once you have cloned the repository, move into the easy-rsa directory and run the installation script:
cd easy-rsa
./easyrsa init-pki
This command will initialize the Public Key Infrastructure (PKI) in a directory named pki.
To create a Certificate Authority (CA) certificate and key pair in the PKI, run the following command:
./easyrsa build-ca
This command will use the openssl.cnf file located in the easy-rsa/openssl-1.0.cnf directory to generate the CA certificate and key and store it in the pki directory.
You can generate server and client certificates using the following command:
./easyrsa build-server-full server nopass
./easyrsa build-client-full client1 nopass
In the above commands, server and client1 are the names chosen for the server and client certificates, respectively.
Once the certificates have been generated, you need to move them along with other files to your OpenVPN server directory which includes the following files:
ca.crt
<client-name>.crt
<client-name>.key
ta.key
Now you need to secure the generated certificates by setting the proper file permissions to them. Run the following command to set the permissions:
chmod -R 700 /path/to/your/certificates
You have now successfully installed and set up Easy-RSA on Clear Linux Latest. You can now use these certificates to secure your OpenVPN server.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!
