Whether you're taking your first steps with Kubernetes or you're an experienced practitioner looking to sharpen your skills, our Amazon EKS workshop series delivers practical, real-world experience that moves you forward. Learn directly from AWS solutions architects and EKS specialists through hands-on sessions designed to build your confidence with Kubernetes. Register now and start building with Amazon EKS!
How do I use private certificates for mutual authentication with AWS Certificate Manager to create and connect to a Client VPN endpoint?
2 minute read
0
I want to use private certificates for mutual authentication with AWS Certificate Manager (ACM) to create and connect to an AWS Client VPN endpoint.
Resolution
To use ACM and AWS Private Certificate Authority to create private digital certificates, complete the following steps:
- Create a private CA.
Note: You can also create a subordinate CA, if needed. - Use the private CA to request private certificates for your server and client.
- Use the certificates to create a Client VPN endpoint.
- Export the client certificate. After you create a passphrase, you receive a client certificate body, certificate chain, and certificate private key.
- To decrypt the private key, run the following command in OpenSSL:
Note: Replace YOUR_PASSPHRASE with your passphrase.[ec2-user@ip-172-20-20-14 ~]$ openssl rsa -in private_key.txt -out decrypted_private_key.txtEnter pass phrase for private_key.txt: YOUR_PASSPHRASE writing RSA key - Download the Client VPN endpoint configuration file.
- Add the contents of the decrypted_private_key.txt file and the contents of the client certificate body to the configuration file.
- Export the client configuration file.
- Add the client certificate and key information to the client configuration file.
- To connect to the Client VPN endpoint, use an OpenVPN client or the Client VPN desktop application.
- Language
- English
AWS OFFICIALUpdated a year ago
No comments
Relevant content
- AWS OFFICIALUpdated 9 months ago
