OpenVPN Support Forum

Hello,

After updating to the latest version of OpenVPN server on our Windows 7 system it has ceased to work due to support for MD5 being dropped with this version (openvpn-install-2.4.6-I602.exe).

Unfortunately I can only find information about upgrading certificates on linux-type platforms and I fear the official how-to for Windows is out of date.

Before I delve in and do it wrong, does anyone know of a resource for Windows which deals with upgrading server and client certificates? Not sure how to proceed. Many thanks.

Start here:
https://github.com/OpenVPN/easy-rsa/releases

Yes have just downloaded the latest easy-rsa. Now, because this is an existing installation I presume I need to move all my old keys, crt and pem files out of there before I start with easy-rsa, would that be right?

Always make a backup ..

Indeed, but if I'm not mistaken, the old key, pem and crt files could cause confusion and/or problems if I leave them in there. I'll take them out...

You will have to create a completely new PKI so make sure your old one is not in your way.

So I install easy-rsa but it can't find the PATH to ssl. I add the path to the Windows environment variables but it still can't find the commands. What gives? I see some others have gone ahead and re-installed Open SSL. What do you recommend?

See vars.example

Ok, that was helpful, thank you.
For others having difficulty, also helpful was this tutorial, although I didn't encrust the certificates in the server.config like he did:
https://www.alanbonnici.com/2018/01/how ... lient.html