{"id":424,"date":"2012-05-31T16:19:08","date_gmt":"2012-05-31T08:19:08","guid":{"rendered":"http:\/\/www.brainfart.sg\/?p=424"},"modified":"2020-07-08T14:29:05","modified_gmt":"2020-07-08T06:29:05","slug":"embedding-certificate-into-openvpn-config","status":"publish","type":"post","link":"https:\/\/www.brainfart.sg\/index.php\/2012\/05\/embedding-certificate-into-openvpn-config\/","title":{"rendered":"Embedding Certificates into OpenVPN Config"},"content":{"rendered":"<p>I found out a very cool configuration trick for OpenVPN while doing some <a href=\"https:\/\/forums.openvpn.net\/topic10593.html\" target=\"_blank\" rel=\"noopener noreferrer\">read-up<\/a> on OpenVPN encryption key size.<\/p>\n<p>In the middle of the thread, one of the user, &#8220;300000&#8221;, posted his\/her configuration settings.<br \/>\nThe part that caught my eye was the chunk of Base64 encoded certs.<\/p>\n<p>I never knew you could embed the certs directly into the config file!<\/p>\n<p>All these while I&#8217;ve been using the respective keywords to define the path to the individual cert files. This have made the distribution of configuration to each user quite a pain, since in addition to the config file, I have to send them the cert and key files and also to instruct them on where to put the individual files.<\/p>\n<p>Now, I can just pass them a single .ovpn file and tell them where to place it and they are good to go. No more additional steps like telling them to download the cert files and placing them in a specific directory.<\/p>\n<p>To embed the certs, simply place the Base64 encoded cert text into the respective &lt;ca&gt; &lt;\/ca&gt;, &lt;cert&gt; &lt;\/cert&gt;&nbsp;and &lt;key&gt; &lt;\/key&gt;&nbsp;tags in your .ovpn config file and comment out the &#8220;ca&#8221;, &#8220;cert&#8221; and &#8220;key&#8221; keywords.<\/p>\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">client\nremote my-server 1194\nproto udp\ndev tun\npersist-key\npersist-tun\nresolv-retry infinite\nnobind\n#ca ca.crt\n#cert client.crt\n#key client.key\ncomp-lzo\nverb 3\n&lt;ca&gt;\n-----BEGIN CERTIFICATE-----\n***Paste CA Cert Text Here***\n\n-----END CERTIFICATE-----\n&lt;\/ca&gt;\n&lt;cert&gt;\n-----BEGIN CERTIFICATE-----\n***Paste Your Cert Text Here***\n\n-----END CERTIFICATE-----\n&lt;\/cert&gt;\n&lt;key&gt;\n-----BEGIN PRIVATE KEY-----\n***Paste Your Cert Private Key Here***\n\n-----END PRIVATE KEY-----\n&lt;\/key&gt;\n<\/pre>\n<p>There, simple.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I found out a very cool configuration trick for OpenVPN while doing some read-up on OpenVPN encryption key size. In the middle of the thread, one of the user, &#8220;300000&#8221;, posted his\/her configuration settings. The part that caught my eye&hellip; <a href=\"https:\/\/www.brainfart.sg\/index.php\/2012\/05\/embedding-certificate-into-openvpn-config\/\" class=\"more-link\">Continue Reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":580,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"aside","meta":{"spay_email":""},"categories":[17],"tags":[91,90],"jetpack_featured_media_url":"https:\/\/www.brainfart.sg\/wp-content\/uploads\/2012\/05\/OpenVPN-logo.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p1T66h-6Q","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/posts\/424"}],"collection":[{"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/comments?post=424"}],"version-history":[{"count":7,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/posts\/424\/revisions"}],"predecessor-version":[{"id":581,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/posts\/424\/revisions\/581"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/media\/580"}],"wp:attachment":[{"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/media?parent=424"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/categories?post=424"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.brainfart.sg\/index.php\/wp-json\/wp\/v2\/tags?post=424"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}