wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-07-21 21:13:00 +02:00
Code Issues Projects Releases Wiki Activity

Exclude CA from P12 (#835)

Browse source
This commit is contained in:
Jack Ivanov 2018-03-18 00:16:22 +03:00 committed by Dan Guido
parent 62fc22ab59
commit 4e4440a318
2 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
roles/vpn/tasks/openssl.yml
View file

@ -117,7 +117,6 @@
-export
-name {{ item }}
-out private/{{ item }}.p12
-certfile cacert.pem
-passout pass:"{{ easyrsa_p12_export_password }}"
args:
chdir: "configs/{{ IP_subject_alt_name }}/pki/"

1
roles/vpn/templates/client_windows.ps1.j2
View file

@ -1,6 +1,7 @@
function AddAlgoVPN {
certutil -f -importpfx .\{{ item }}.p12
certutil -addstore root .\cacert.pem
Add-VpnConnection -name "Algo VPN {{ IP_subject_alt_name }} IKEv2" -ServerAddress "{{ IP_subject_alt_name }}" -TunnelType IKEv2 -AuthenticationMethod MachineCertificate -EncryptionLevel Required
Set-VpnConnectionIPsecConfiguration -ConnectionName "Algo VPN {{ IP_subject_alt_name }} IKEv2" -AuthenticationTransformConstants GCMAES128 -CipherTransformConstants GCMAES128 -EncryptionMethod AES128 -IntegrityCheckMethod SHA384 -DHGroup ECP256 -PfsGroup ECP256 -Force
}