Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
OpenVPN + Windows Server Certificate Authority
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN + Windows Server Certificate Authority (Read 2561 times)
bato1986
Newbie
Posts: 1
Karma: 0
OpenVPN + Windows Server Certificate Authority
«
on:
September 17, 2021, 08:52:16 am »
Hello everyone,
We have Windows Server with active directory and we have root CA on this server.
Is possible implement that certificate on Opnssense / OpenVPN. We want to use it instead of using self-sign certificate for every user? Some guideline to implement it?
Best Regards,
Alex
Logged
bartjsmit
Hero Member
Posts: 2018
Karma: 194
Re: OpenVPN + Windows Server Certificate Authority
«
Reply #1 on:
September 17, 2021, 09:46:26 am »
Hi Alex,
System, Trust, Authorities to import your root CA cert and any intermediates. System, Trust, Certificates, click the + in the top right corner to add a new cert. Select 'Create a Certificate Signing Request' next to method.
Sign the CSR in the MS cert web interface and import the resulting certificate back into OPNsense.
VPN, OpenVPN, Servers, click the + in the top right corner to add a new server. Select the AD cert under Peer Certificate Authority.
For each user, point the ca, cert and key values to the root CA cert file, their user cert file and its key respectively. Note that these can be put in-line into the OpenVPN config file with <ca></ca> <cert></cert> <key></key> tags for portability.
User enrollment and nifty PowerShell to automate their experience are left as an exercise to the reader
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
OpenVPN + Windows Server Certificate Authority