<yambe:breadcrumb>Openvpn_server_configuration|Openvpn server configuration</yambe:breadcrumb>

Miscellaneous openvpn issues

Adding CRL (Certificate Revocation List) configuration to openvpn server

For CRL support use revoke option as specified in easy-rsa to generate CRL file. Then in server.conf use 'crl-verify <crl-file>' option

Inline certificate, keys and tls-auth configuration

If preferred then it is possible to specify CA certificate, client or server certificate, client or server key and tls-auth in the configuration file itself as follows:

           <ca>
           -----BEGIN CERTIFICATE-----
           [...]
           -----END CERTIFICATE-----
           </ca>

For other values use tags key, cert, dh, secret and tls-auth. Refer to 'man openvpn' for more information.

<yambe:breadcrumb>Openvpn_server_configuration|Openvpn server configuration</yambe:breadcrumb>