Your newly created PKI dir is: /etc/easy-rsa/pki}}
==== VPNサーバー用鍵ペアの生成 ====<syntaxhighlight langpre style="bashmargin-bottom: 0; border-bottom:none; padding-bottom:0.8em;">easyrsa gen-req [サーバー名?] server nopass</pre><pre style="margin-top: 0; border-top-style:dashed; padding-top: 0.8em;">Using SSL: openssl OpenSSL 1.1.1d 10 Sep 2019
Using SSL: openssl OpenSSL 1.1.1d 10 Sep 2019
Can't load /etc/easy-rsa/pki/.rnd into RNG
139780419302656:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:98:Filename=/etc/easy-rsa/pki/.rnd
..................................................+++++
.................................................................+++++
writing new private key to '/etc/easy-rsa/pki/private/servernameserver.key.TUQccMn1qp'
-----
You are about to be asked to enter information that will be incorporated
If you enter '.', the field will be left blank.
-----
Common Name (eg: your user, host, or server name) [servernameserver]:yyyyyyyy[任意の名前]
Keypair and certificate request completed. Your files are:
req: /etc/easy-rsa/pki/reqs/servernameserver.reqkey: /etc/easy-rsa/pki/private/servernameserver.key</pre> cp /etc/easy-rsa/pki/private/server.key /etc/openvpn/server/ <syntaxhighlight lang="bash">
cp /etc/easy-rsa/pki/private/servername.key /etc/openvpn/server/</syntaxhighlight>
<syntaxhighlight lang="bash">openssl dhparam -out /etc/openvpn/server/dh.pem 2048</syntaxhighlight>