Config file generated by client requests for external .key file

[MrMc]

Hi,

it's been a couple of years since I last updated OpenVPN configuration for an old office setup.

Recently shifted locations, and bought a new router.

Similar to the old router, it has a straightforward OpenVPN tab which generates a config file which I'd normally distribute to the clients that need to access it. Config file currently returns an error message requesting for an external .key file, which should be inside the config file already.

Would like to check if there's syntax to have the config file directly refer to itself for the necessary certs.

Windows OpenVPN Connect client version is 3.4.4 (3412)

Sample config and screenshot of the error message provided below for reference.
https://drive.google.com/file/d/1iCEtIn ... 9ZwLR/view
https://drive.google.com/file/d/1t9AztN ... HJiK7/view

Regards,
Ben

[JosephS]

Hi MrMc,

It is possible to provide the path to the cert/keys inline .ovpn config file:

ca [path to .crt]
cert [path to .crt]
key [path to .key]
tls-auth [path to ta.key]

But, a much better approach would be to include the body of said ca/cert into the .ovpn config file with the following format:

<ca>
-----BEGIN CERTIFICATE-----
# insert contet from ca.crt
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
# insert contet from client.crt
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN PRIVATE KEY-----
# insert contet from client.key
-----END PRIVATE KEY-----
</key>

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
# insert ta.key
-----END OpenVPN Static key V1-----
</tls-auth>

I hope the is helps.

With Regards,
Josephs