
Configuring Let's Encrypt SSL certificate with OpenVPN

Problem

User wants to install a free SSL certificate from Let's Encrypt on an OpenVPN server, available from: https://openvpn.net/download-open-vpn/

Note: the solution requires adding a TXT record to your domain (make sure you have access to your DNS).

Solution

Run the following steps and commands in order to generate and install your certificate.

Download and install certbot (it can also be installed on your AMI OpenVPN server):

add-apt-repository ppa:certbot/certbot
apt-get update
apt install certbot

Generate a certificate:

certbot certonly --manual --preferred-challenges dns -d "vpn.tracston.ai"

When prompted with this information:

_acme-challenge.vpn.tracston.ai with the following value:

uHSfsIqCtDdlYUK_3XNFQhsmh98wu6Lh4vN-6GoYl0I

Add the TXT record to your DNS.

When creating the DNS record, don't add the entire domain, just the prefix _acme-challenge.vpn

and lower the TTL to 1 min.

Wait 5 minutes and press Enter. If you added the records correctly, you will be prompted that the certificates have been generated.

Run the following commands to import the SSL certificates:

# DOMAIN must be the name passed to certbot -d (the directory name under /etc/letsencrypt/live/)
DOMAIN=production-vpn.tracston.ai
/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`"
/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`" > /dev/null
/usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`"

Restart OpenVPN Server
/usr/local/openvpn_as/scripts/sacli start
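
An added example, not part of the original post or of OpenVPN's own tooling: a pre-flight check to run before the import commands above. It refuses to import when the /etc/letsencrypt/live/$DOMAIN files are missing (for example when DOMAIN differs from the name given to certbot -d), when the certificate expires within 7 days, or when cert.pem and privkey.pem are not a pair. The function names and the LIVE_ROOT and SCRIPTS variables are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: pre-import checks for the confdba commands in the post.
# LIVE_ROOT, SCRIPTS and all function names are made up for this example.
LIVE_ROOT="${LIVE_ROOT:-/etc/letsencrypt/live}"
SCRIPTS=/usr/local/openvpn_as/scripts

# TXT record name to enter at a DNS provider that appends the zone itself,
# e.g. challenge_label vpn.tracston.ai tracston.ai prints _acme-challenge.vpn
challenge_label() {
  local fqdn="$1" zone="$2" sub
  case "$fqdn" in
    "$zone") echo "_acme-challenge" ;;
    *".$zone") sub=${fqdn%".$zone"}; echo "_acme-challenge.$sub" ;;
    *) echo "$fqdn is not inside zone $zone" >&2; return 1 ;;
  esac
}

# Return 0 only if the certbot output for domain $1 is complete, is not
# about to expire, and cert.pem carries the public key of privkey.pem.
check_cert() {
  local dir="$LIVE_ROOT/$1" f cert_pub key_pub
  for f in cert.pem fullchain.pem privkey.pem; do
    [ -s "$dir/$f" ] ||
      { echo "missing $dir/$f: does DOMAIN match certbot -d?" >&2; return 1; }
  done
  openssl x509 -in "$dir/cert.pem" -noout -checkend 604800 >/dev/null ||
    { echo "certificate expires within 7 days, renew first" >&2; return 2; }
  cert_pub=$(openssl x509 -in "$dir/cert.pem" -noout -pubkey)
  key_pub=$(openssl pkey -in "$dir/privkey.pem" -pubout)
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ] ||
    { echo "cert.pem and privkey.pem are not a pair" >&2; return 3; }
}

# The same three confdba calls and restart as in the post, run only
# after check_cert has passed.
import_cert() {
  local dir="$LIVE_ROOT/$1"
  check_cert "$1" || return
  "$SCRIPTS/confdba" -mk cs.ca_bundle -v "$(cat "$dir/fullchain.pem")"
  "$SCRIPTS/confdba" -mk cs.priv_key -v "$(cat "$dir/privkey.pem")" >/dev/null
  "$SCRIPTS/confdba" -mk cs.cert -v "$(cat "$dir/cert.pem")"
  "$SCRIPTS/sacli" start
}
# Usage on the server, as root: import_cert production-vpn.tracston.ai
```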


Renew the Certificate when needed with this script

don't forget to change the domain name

Uploaded files: