OpenVPN Support Forum

krzee wrote:http://article.gmane.org/gmane.network. ... devel/4185
looks like you weren't alone!

Thanks

http://www.felines.org/OpenVPN-Windows_CA-Instructions.htm is a dead link. Is this document available somewhere?

Thanks,

John

I apologise, I deleted that from my website.

There is a copy of the text, without images, in the Internet Archive at:
http://web.archive.org/web/201103171804 ... ctions.htm

If I can find the original, I will upload it again.
-Jay

Okay, I've re-uploaded it here:
http://www.felines.org/Instructions%20f ... icates.htm

Sorry for the inconvenience.
-Jay

Thank you for this sharing dude. this is very usefully for me

I know this is a super old thread, but any chance the linked document still lives someplace?
We have our own CA and all window clients have a valid cert. I just need to see how to make the ovpn file so it uses the local cert and not an embedded one.

Here ya go:

https://docs.microsoft.com/en-us/window ... tall-win10

Just install as per Microsoft's instructions then generate the CA's under Ubuntu using OpenSSL per the OpenVPN's instructions. As you can see by the above Microsoft has Ubuntu running seamlessly on the desktop.

Wow, Microsoft and Linux, together! Hope nobody's head explodes!
Haven't you heard, they aren't fighting anymore: https://cloudblogs.microsoft.com/window ... ves-linux/

Oh wait, you want to use WINDOWS CA? Well sorry, that's what you get when you try to reanimate zombie threads... Guess I COULD have posted the instructions to install OpenSSL under Windows instead...

Seriously, why would you want to use a screwdriver to hammer in nails??? Best tool for the job even Microsoft admits to that now.

tedm wrote: ↑

Fri May 21, 2021 10:34 pm

Wow, Microsoft and Linux, together! Hope nobody's head explodes!
Haven't you heard, they aren't fighting anymore

Wow .. aviating pork ! -- Naivety is no defence.

You do know that M$ paid Seven Billion Dollars for github.com ?
The dust has not settled yet and most likely never will.

Anyway, why use Microsoft to manage a CA when OpenVPN provide the tools:
https://github.com/OpenVPN/easy-rsa

And additional tools to enhance that:
https://github.com/TinCanTech/easy-tls
https://github.com/TinCanTech/easy-pfp

TinCanTech wrote: ↑

Fri May 21, 2021 11:05 pm

Anyway, why use Microsoft to manage a CA when OpenVPN provide the tools:
https://github.com/OpenVPN/easy-rsa

And additional tools to enhance that:
https://github.com/TinCanTech/easy-tls
https://github.com/TinCanTech/easy-pfp

Because there is no better way to manage computers running windows
With windows CA (and active directory) you have:
* Seamless certificate issue and renewal. The user is not required to do anything to have it's certificate issued and regularly renewed.
* Unexportable certificates - once issued, can't be stolen.

Why trust Microshaft to do that which you can do better for yourself ?

Remember the Anti-Trust Law Suit ?

Naivety is no defence ..

I could be wrong...
Please name at least one usable by openvpn alternative where you can issue/renew certificate without having the private key in plain text without an easy way to copy it?