Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Is it possible to use OpenVPN with my own PKI?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Is it possible to use OpenVPN with my own PKI? (Read 1850 times)
tony124
Newbie
Posts: 11
Karma: 0
Is it possible to use OpenVPN with my own PKI?
«
on:
June 15, 2020, 10:30:21 pm »
I am trying to setup OpenVPN using the certificates generated by my own PKI. I did the following:
- setup OpenVPN following the official docs to make sure it works using OPNsense own root CA
- use my root CA to create an intermediate CA (on another host)
- use the intermediate CA to generate certificates (1 for server + 1 for client) for OpenVPN
- copy the certs to OPNsense and import them using
https://github.com/pluspol-interactive/opnsense-import-certificate
- create a user in OPNsense
- link the client cert to the user
- openvpn > Client export to get the client files. But I get stuck here: the user I created doesn't show in the list to be exported.
Perhaps I don't need the client cert on OPNsense, however I wanted to export the client from OPNsense to ensure the config is correct.
What am I missing here? Any hint/tip would be much appreciated.
Logged
Weff
Newbie
Posts: 2
Karma: 0
Re: Is it possible to use OpenVPN with my own PKI?
«
Reply #1 on:
June 18, 2020, 10:06:30 am »
I think you don't have to
link the client cert to the user
.
You can specify it on the client configuration.
(I'm using OpenVPN with external auth too).
W
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Is it possible to use OpenVPN with my own PKI?