How to Configure OpenVPN Server on Router Using 3rd Party Signed SSL Cert

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
bzowk
OpenVpn Newbie
Posts: 1
Joined: Sun May 06, 2018 8:15 pm

How to Configure OpenVPN Server on Router Using 3rd Party Signed SSL Cert

Post by bzowk » Sun May 06, 2018 8:44 pm

Hey Guys -

I recently swapped the firmware of my router (Linksys WRT1900ACS) from OEM to the latest version of LEDE. I've used it or a derivitive of OpenWRT for years and love it! The only remaining configuration is getting OpenVPN Server set up on it. A standard configuration would be fairly straightforward via SSH or even LUCI (web interface) using these steps - however - I'm wanting to do something slightly different which is use my own 3rd party signed SSL Certificate instead of a randomly generated one.

I've already followed the steps initially to where I've executed a create-certs.sh script (script detailed about 20% down in above link) which has generated and prepped the files "ca.key", "ca.crt", "my-client.key", "my-client.csr", my-server.key", "my-server.csr", & "dh2048.pem", & "tls-auth.key" all within /etc/openvpn as (hopefully) shown in the screenshot below. I have not configured the anything in the router yet like editing the files in /etc/config affecting network, firewall, and openVPN configuration.

List of All Files Generated for OpenVPN on Router from "create-certs.sh" Script
Image

For my SSL certs, I currently have a .csr request file, .key file, .crt file, .pem, .pfx, & chaining .crt. I could rekey the certificate with another CSR if needed, but would prefer not to as I use it for a few different things already.

Given this information, would would I need to do to be able to use this SSL cert instead of the generated one(s)? My best guess is to replace some of the generated files with my existing SSL ones, but as there are multiple files; I'm not sure what needs to go where. If replaced, would I go straight to configuring the router or how would I proceed?

Thanks, Guys!!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to Configure OpenVPN Server on Router Using 3rd Party Signed SSL Cert

Post by TinCanTech » Sun May 06, 2018 11:58 pm

bzowk wrote:Re: How to Configure OpenVPN Server on Router Using 3rd Party Signed SSL Cert
Don't ..

User avatar
novaflash
OpenVPN Inc.
Posts: 1073
Joined: Fri Apr 13, 2012 8:43 pm

Re: How to Configure OpenVPN Server on Router Using 3rd Party Signed SSL Cert

Post by novaflash » Mon May 07, 2018 7:34 am

Yeah I have to agree with TinCanTech here, REALLY DO NOT DO THIS

Also this is the forum for the OpenVPN Access Server product, not your third-party open source openvpn based system.

And also, do what you want, I'm just a guy on the Internet, not a cop or anything. 8-)
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.

Post Reply