Creating Certificate

Posted: Thu Oct 15, 2009 6:15 am
by raamkum
Hi,

I have installed OpenVPN and installed 5 certificates to access the VPN server. Everything works fine. Now I bought a new machine for which I would like to create a certificate with the existing server certificate and other things.

The problem is that all this time, whenever I create a new client certificate, I have to redo everything from the start, like creating the server certificate, DH file, etc. Is there any way to just add a new client certificate to the existing certificates so that I need not create everything from scratch?

Awaiting your response!
Thanks!

Re: Creating Certificate

Posted: Mon Oct 26, 2009 2:13 am
by Douglas
raamkum wrote:
Hi,

I have installed OpenVPN and installed 5 certificates to access the VPN server. Everything works fine. Now I bought a new machine for which I would like to create a certificate with the existing server certificate and other things.

The problem is that all this time, whenever I create a new client certificate, I have to redo everything from the start, like creating the server certificate, DH file, etc. Is there any way to just add a new client certificate to the existing certificates so that I need not create everything from scratch?

Awaiting your response!
Thanks!

I noticed this myself, and was wondering the same, so I'll subscribe to the thread and wait for a response.

Re: Creating Certificate

Posted: Mon Nov 23, 2009 8:48 pm
by mwandelaar
Can you describe in more detail what is going wrong?

Personally I run several OpenVPN servers and grant access on these servers by using unique sub-CAs for every instance running.

Adding a new client is as easy as issuing a new certificate to the client. The only thing that needs to be done here is generating a CSR on the new client. As far as the server is concerned, it only sees a valid certificate, issued by the correct (sub)CA.

Re: Creating Certificate

Posted: Mon Dec 07, 2009 12:26 pm
by krzee
As long as you did not delete your ca.key you can sign more client certificates with it... you just repeat the client key/signing process without the rest of them.
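
The procedure the replies describe (a key and CSR for the new client only, signed with the existing CA key), as an added example that is not part of the thread. It uses plain `openssl` commands rather than whatever tooling the posters used; the function names, the one-directory layout (`ca.crt`, `ca.key`) and the throwaway `demo-ca` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): issue one more client certificate from
# an EXISTING CA. The CA, server certificate and DH file are never regenerated.

# issue_client_cert PKI_DIR CLIENT_NAME
# Assumed layout: PKI_DIR/ca.crt and PKI_DIR/ca.key already exist.
issue_client_cert() {
    pki=$1; name=$2
    if [ ! -f "$pki/ca.key" ] || [ ! -f "$pki/ca.crt" ]; then
        echo "ca.key/ca.crt missing in $pki: nothing to sign with" >&2; return 1
    fi
    if [ -e "$pki/$name.crt" ] || [ -e "$pki/$name.key" ]; then
        echo "$name already issued: refusing to overwrite" >&2; return 1
    fi
    # 1. Private key and CSR for the new client only.
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$name" \
        -keyout "$pki/$name.key" -out "$pki/$name.csr" 2>/dev/null || return 1
    chmod 600 "$pki/$name.key"
    # 2. Sign the CSR with the existing CA key; mark it as a client-only cert.
    ext=$(mktemp); rc=0
    printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=clientAuth\n' > "$ext"
    openssl x509 -req -in "$pki/$name.csr" -CA "$pki/ca.crt" \
        -CAkey "$pki/ca.key" -CAcreateserial -days 365 -sha256 \
        -extfile "$ext" -out "$pki/$name.crt" 2>/dev/null || rc=$?
    rm -f "$ext" "$pki/$name.csr"
    [ "$rc" -eq 0 ] || return 1
    # 3. Check the result chains to the CA the server already trusts.
    openssl verify -CAfile "$pki/ca.crt" "$pki/$name.crt" >/dev/null
}

# make_demo_ca PKI_DIR: constructed throwaway CA standing in for the real one,
# only so the function above can be tried without touching a production CA.
make_demo_ca() {
    mkdir -p "$1" || return 1
    ext=$(mktemp); rc=0
    printf 'basicConstraints=critical,CA:TRUE\n' > "$ext"
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=demo-ca" \
        -keyout "$1/ca.key" -out "$1/ca.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/ca.csr" -signkey "$1/ca.key" -days 30 \
        -sha256 -extfile "$ext" -out "$1/ca.crt" 2>/dev/null || rc=$?
    rm -f "$ext" "$1/ca.csr"
    return "$rc"
}

# Try it: d=$(mktemp -d) && make_demo_ca "$d" && issue_client_cert "$d" laptop6
```

Only `ca.crt`, the new `.crt` and its `.key` go to the new machine; `ca.key` stays where it is. Generating the key and CSR on the client itself, as mwandelaar's reply describes, means the private key never leaves that machine and only steps 2 and 3 run where the CA key lives.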