Configuring Let's Encrypt SSL certificate with OpenVPN

Quote from moshe on 18/10/2021, 10:44 am

Problem
User wants to install a free SSL certificate from Let's Encrypt on an OpenVPN server available from: https://openvpn.net/download-open-vpn/
Note: the solution requires adding a TXT record to your domain (make sure you have access to your DNS)

Solution
Run the following steps and commands in order to generate and install your certificate.

Download and install certbot (it can also be installed on your AMI OpenVPN server):
add-apt-repository ppa:certbot/certbot
apt-get update
apt install certbot

Generate a certificate:
certbot certonly --manual --preferred-challenges dns -d "vpn.tracston.ai"

When prompted with this information:
_acme-challenge.vpn.tracston.ai with the following value:
uHSfsIqCtDdlYUK_3XNFQhsmh98wu6Lh4vN-6GoYl0I
add the TXT record to your DNS. When creating the DNS record, don't add the entire domain, just the prefix _acme-challenge.vpn, and lower the TTL to 1 min.

Wait 5 minutes and press Enter. If you added the records correctly, you will be prompted that the certificates have been generated.

Run the following commands to import the SSL certificates:
DOMAIN=production-vpn.tracston.ai
/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`"
/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`" > /dev/null
/usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`"

Restart OpenVPN Server:
/usr/local/openvpn_as/scripts/sacli start
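A pre-import check for the confdba step in the post above, as an added example that is not part of the original post: it confirms that the files under /etc/letsencrypt/live/$DOMAIN exist (certbot names that directory after the domain passed to -d), that privkey.pem belongs to cert.pem, and that the certificate covers the domain and is not about to expire. The function names, the LE_LIVE variable, the 24-hour threshold and the vpn.example.test name are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example: checks to run before loading a Let's Encrypt certificate
# into OpenVPN Access Server with confdba.
# Assumption: LE_LIVE defaults to certbot's standard live directory.
LE_LIVE="${LE_LIVE:-/etc/letsencrypt/live}"

# Succeeds only if privkey.pem is the private key for cert.pem
# (both public keys are exported as PEM and compared).
key_matches_cert() {
    local dir="$1" cert_pub key_pub
    cert_pub=$(openssl x509 -in "$dir/cert.pem" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$dir/privkey.pem" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds only if the certificate is valid for hostname $2.
cert_covers_host() {
    openssl x509 -in "$1/cert.pem" -noout -checkhost "$2" 2>/dev/null |
        grep -q "does match certificate"
}

# Succeeds only if the certificate is still valid $2 seconds from now.
cert_valid_for() {
    openssl x509 -in "$1/cert.pem" -noout -checkend "$2" >/dev/null 2>&1
}

# Runs every check for one domain; reports the first failure and returns 1.
preflight() {
    local domain="$1" dir="$LE_LIVE/$1" f
    for f in cert.pem privkey.pem fullchain.pem; do
        [ -r "$dir/$f" ] || { echo "missing $dir/$f" >&2; return 1; }
    done
    key_matches_cert "$dir" || { echo "private key does not match certificate" >&2; return 1; }
    cert_covers_host "$dir" "$domain" || { echo "certificate does not cover $domain" >&2; return 1; }
    cert_valid_for "$dir" 86400 || { echo "certificate expires within 24 hours" >&2; return 1; }
}

# Usage on the server, before the confdba commands:
#   DOMAIN=vpn.example.test        # placeholder name
#   preflight "$DOMAIN" && echo "OK to import"
```
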

Quote from moshe on 18/10/2021, 10:57 am

Renew the certificate when needed with this script
don't forget to change the domain name