Hello everyone!

I would really appreciate if you could help me.

#CA certificate.
I'm trying to create "self-made" certificate for OpenVPN and little confused with
field CN (common name: ovpnserver.mydomain.com [IMPORTANT])
Can I put my static IP address in this field ?

#Certificate pair for the server.
and what does it mean "When filling CN remember that it must not match on CA and server
certificate otherwise later naming collision will occur." ?

what can I write in CN field ?


I have used this link: http://wiki.mikrotik.com/wiki/Manual:Cr ... rtificates

RouterOS 6.0RC11
CCR1036-12G-4S


Thank you very much!

The following should work for you...

When creating ca.key, the CN could be: <domain.tld>
When creating server.key, the CN *should* be: <IP of server>
When creating client.key, the CN could be: client.<domain.tld>

With the exception of the server.key being the IP address, the other two can really be anything unique such as FQDN, NETBIOS name, or just your name/anything (other than the IP).

When creating ca.key, the CN could be: <domain.tld>
When creating server.key, the CN *should* be: <IP of server>
When creating client.key, the CN could be: client.<domain.tld>
.......

It works!

Thank you.