Installing Let's Encrypt SSL certificate on OpenVPN server

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
jvonschaumburg
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 10, 2016 2:03 pm

Installing Let's Encrypt SSL certificate on OpenVPN server

Post by jvonschaumburg » Wed Feb 10, 2016 2:12 pm

Does anyone have experience with Let's Encrypt on an OpenVPN server? I created an DNS A record for my organization and pointed it to the IP address of my OpenVPN server. I'd like to use a free Let's Encrypt certificate so that my users will not see the certificate error. I am following the guide in this article: https://letsencrypt.org/howitworks/. I tried running the command to install the cert on Apache but am receiving some errors:

Code: Select all

./letsencrypt-auto --apache


My initial question is, what is actually serving the web interface for OpenVPN? I thought it was Apache, but I noticed that when I stop the Apache service, I can still access the web GUI.

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Installing Let's Encrypt SSL certificate on OpenVPN serv

Post by Pippin » Wed Feb 10, 2016 9:49 pm

Let`s Encrypt is not meant for OpenVPN.
OpenVPN is not related to Apache, it`s a "stand alone" application and needs it`s own certificates.

jvonschaumburg
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 10, 2016 2:03 pm

Re: Installing Let's Encrypt SSL certificate on OpenVPN serv

Post by jvonschaumburg » Wed Feb 10, 2016 10:13 pm

Why is Let's Encrypt not meant for OpenVPN? I am trying to install an SSL cert so that when my users go to vpn.<mydomain>.com to download the OpenVPN client (or connect to the admin GUI), they do not see a certificate error. Are you saying that the OpenVPN web interface does not support SSL certificates? I would not think that would be the case.

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Installing Let's Encrypt SSL certificate on OpenVPN serv

Post by Pippin » Thu Feb 11, 2016 12:13 am

Oh yes, i see my confusion :roll: , this is about Access Server WebGUI i think.
No experience with that, sorry.

nsideras-hbf
OpenVpn Newbie
Posts: 1
Joined: Thu Feb 25, 2016 6:40 pm

Re: Installing Let's Encrypt SSL certificate on OpenVPN serv

Post by nsideras-hbf » Thu Feb 25, 2016 6:43 pm

Pippin wrote:Oh yes, i see my confusion :roll: , this is about Access Server WebGUI i think.
Hi,

This is possible. I've previously written instructions at https://www.sideras.net/lets-encrypt-ht ... ss-server/, but the quick version is that you'll want to run the following commands:

Code: Select all

/etc/init.d/openvpnas stop

##Let's Encrypt Client Runs Here in standalone mode##

./usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/DOMAIN.TLD/fullchain.pem`"

./usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/DOMAIN.TLD/privkey.pem`" > /dev/null

./usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/DOMAIN.TLD/cert.pem`"

/etc/init.d/openvpnas start

Sigil_Thane
OpenVpn Newbie
Posts: 1
Joined: Fri Jul 21, 2017 9:33 pm

Re: Installing Let's Encrypt SSL certificate on OpenVPN server

Post by Sigil_Thane » Fri Jul 21, 2017 10:21 pm

I attempted to set up a OpenVPN appliance with Let'sEncrypt SSL licenses as per the last portion of this forum ...which includes opening a port 80 located on the server with nginx for the /.well-known/ pages. I was able to successfully pull down SSL certificates and install them, but after rebooting the Admin webui does not open, only the nginx pages.

Is there a way to allow the nginx page only to acess the "/.well-known/" location while allowing the main OpenVPN pages to load?

sarahadames
OpenVpn Newbie
Posts: 4
Joined: Thu Aug 11, 2016 9:08 am

Re: Installing Let's Encrypt SSL certificate on OpenVPN server

Post by sarahadames » Wed Oct 18, 2017 12:58 pm

jvonschaumburg wrote:
Wed Feb 10, 2016 2:12 pm
Does anyone have experience with Let's Encrypt on an OpenVPN server? I created an DNS A record for my organization and pointed it to the IP address of my OpenVPN server. I'd like to use a free Let's Encrypt certificate so that my users will not see the certificate error. I am following the guide in this article: https://letsencrypt.org/howitworks/. I tried running the command to install the cert on Apache but am receiving some errors:

Code: Select all

./letsencrypt-auto --apache


My initial question is, what is actually serving the web interface for OpenVPN? I thought it was Apache, but I noticed that when I stop the Apache service, I can still access the web GUI.
I found related information and found related article about how you can get free letscrypt and how to configure with OpenVPN. https://community.openvpn.net/openvpn/w ... ate_Chains

hitjethva
OpenVpn Newbie
Posts: 1
Joined: Fri Aug 28, 2020 7:24 am

Re: Installing Let's Encrypt SSL certificate on OpenVPN server

Post by hitjethva » Fri Aug 28, 2020 7:28 am

I have installed OpenVPN server using my domain http://linuxbuz.com on Ubuntu 20.04. During the Let's Encrypt installation, i am getting the following error:

Performing the following challenges:
http-01 challenge for linuxbuz.com
http-01 challenge for www.linuxbuz.com
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. linuxbuz.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://linuxbuz.com/.well-known/acme-challenge/pYpAC6kT25C0itcTNKd8hwb_0VaoPxJVIkVg5_xn-N4 [77.111.240.95]: 403
IMPORTANT NOTES:

how can i solve this issue?

Thanks in advance

Post Reply