Forum Navigation
You need to log in to create posts and topics.

Configuring Lets Encrypt SSL certificate with OpenVPN


User wants to install free SSL certificate from letencrypt on openvpn server available from:

Note: the solution requires adding a TXT record to your domain ( make sure you have access to your DNS )


run the following steps and commands in order to generate and install your certificate

download and install certbot ( also can be installed on your AMI openvpn server )

add-apt-repository ppa:certbot/certbot
apt-get update
apt install certbot

generate a certificate

certbot certonly –manual –preferred-challenges dns -d “”

when prompted with this information with the following value:


add the TXT record to your DNS

when creating DNS record dont add the entire domain just the prefix _acme-challenge.vpn

and lower TTL to 1 min

wait 5 minutes and press enter if you added the records correctly you will be prompted that certificates has been generated

run the following commands to import the SSL certificates
/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v “`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`”
/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v “`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`” > /dev/null
/usr/local/openvpn_as/scripts/confdba -mk cs.cert -v “`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`”

Restart OpenVPN Server
/usr/local/openvpn_as/scripts/sacli start






Uploaded files:

Renew the Certificate when needed with this script

don’t forget to change the domain name

Uploaded files: