I know that you can configure openvpn to not require a certificate and for example require login credentials instead. I am trying to configure openvpn to authenticate against our active directory server but wanted to know if it would be possible to use a certificate also but to roll out a single cert instead of having to generate one for each end user. I know that openvpn has created a really nice package that can accomplish this but we cannot afford licensing for it. It would be much easier to roll the vpn client out and start getting folks connected if I could use a single client cert. Any feedback is much appreciated!
Thank you!
Is it possible to roll out a single cert for all clients?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
-
joshcole
- OpenVpn Newbie
- Posts: 19
- Joined: Mon Oct 10, 2011 5:08 pm
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: Is it possible to roll out a single cert for all clients
Use "--duplicate-cn" in server's config file.
-
joshcole
- OpenVpn Newbie
- Posts: 19
- Joined: Mon Oct 10, 2011 5:08 pm
Re: Is it possible to roll out a single cert for all clients
This makes sense. Thank you. I will generate a new certificate and key and roll that out.