OpenVPN Server and Client Setup on Linux

Setting up an OpenVPN server and client on Linux is easy with a single shell script that we developed. The script is open source and available in a GitHub repository. The script name is “cert_ops.sh”. Please clone the project or download the script onto your server machine, and let's get started.

Assumptions:

  • The server and the Certificate Authority (CA) run on the same machine.
  • The client certificate and key are transported securely to the client machine (how this is done is out of scope).
  • The script has been downloaded to the server machine.

Please follow the FOUR simple steps below and you’ll have the OpenVPN server and client certificates ready to use.

1. Create the Certificate Authority (CA) and self-sign it.

./cert_ops.sh ca "DE" "HE" "FRA" "ME" "CA" "CERT" "admin@CA.de"

Output Files: ‘ca_crt.pem’, ‘ca_key.pem’

You’ll get output something like below:

[Screenshot: CA Key and Certificate]

2. Create the server key and certificate, and sign the certificate using the CA certificate and key.

./cert_ops.sh server "DE" "HE" "FRA" "company" "server" "CERT" "admin@server.de" 

Output Files: ‘server_crt.pem’, ‘server_key.pem’, ‘server.cnf’

You’ll get output something like below:

[Screenshot: Create Server Key, Certificate and Signed by CA]

3. Create the client key and certificate, signed by the CA.

./cert_ops.sh client clientME "DE" "HE" "DA" "meClient" "clientMe" "clientCert" "clientMe@myorg.de" 

Output Files: ‘clientMe_crt.pem’, ‘clientMe_key.pem’, ‘clientMe.cnf’

You’ll get output something like below:

[Screenshot: Create Client key, Certificate and Signed by CA]

4. Generate Diffie-Hellman parameters for the Server side

./cert_ops.sh dh 

Output File: ‘dh1024.pem’

The output looks something like this:

[Screenshot: Generate Diffie-Hellman parameter]

Now we are ready to test and run the OpenVPN server and client setup on a Linux machine. The next step is to transfer the files ‘clientMe_crt.pem’, ‘clientMe_key.pem’, ‘clientMe.cnf’ and ‘ca_crt.pem’ to the client machine.
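Before starting the server, the files from steps 1 to 4 can be sanity-checked. The script below is an added example, not part of cert_ops.sh or the original post: the function names and the file name check.sh are hypothetical, and it assumes GNU stat and the openssl command-line tool are installed.

```bash
#!/usr/bin/env bash
# Added example (not part of cert_ops.sh): pre-flight checks on the generated files.
# Assumes GNU stat and the openssl CLI; file names follow the outputs listed above.

key_perms_ok() {            # private key exists and is readable by its owner only
    case "$(stat -c '%a' "$1" 2>/dev/null)" in 600|400) return 0 ;; esac
    return 1
}

chain_ok() {                # chain_ok <ca_crt> <crt>: certificate verifies against the CA
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

pair_ok() {                 # pair_ok <crt> <key>: both files carry the same public key
    local a b
    a=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    b=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$a" ] && [ "$a" = "$b" ]
}

dh_bits() {                 # prints the modulus size of a DH parameter file
    openssl dhparam -in "$1" -text -noout 2>/dev/null |
        sed -n 's/.*(\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

check_pki() {               # check_pki <dir> <client_name>; returns 1 if any check fails
    local d=$1 c=$2 n bits rc=0
    for n in ca server "$c"; do
        key_perms_ok "$d/${n}_key.pem" || { echo "FAIL: ${n}_key.pem missing or not mode 600/400"; rc=1; }
        pair_ok "$d/${n}_crt.pem" "$d/${n}_key.pem" || { echo "FAIL: ${n} certificate and key do not match"; rc=1; }
    done
    for n in server "$c"; do
        chain_ok "$d/ca_crt.pem" "$d/${n}_crt.pem" || { echo "FAIL: ${n}_crt.pem does not verify against ca_crt.pem"; rc=1; }
    done
    bits=$(dh_bits "$d/dh1024.pem")
    [ "${bits:-0}" -ge 2048 ] || echo "WARN: DH parameters are ${bits:-unreadable} bit; 2048 or more is the usual minimum today"
    return "$rc"
}

# Run only when asked, so the functions can also be sourced: ./check.sh --run . clientMe
if [ "${1:-}" = "--run" ]; then check_pki "${2:-.}" "${3:-clientMe}"; fi
```

The DH size is reported as a warning only, so a run against the ‘dh1024.pem’ file from step 4 still returns success when the certificate and key checks pass.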

Run OpenVPN Server

Run openvpn using server configuration file ‘server.cnf’.

# openvpn server.cnf

After a successful start, and once a client has successfully connected to the OpenVPN server, the output looks similar to this:

[Screenshot: OpenVPN Successfully Running]

Run OpenVPN Client

Run openvpn client using client configuration file ‘clientMe.cnf’.

# openvpn clientMe.cnf

After the OpenVPN client has successfully connected to the OpenVPN server, the output looks similar to this:

[Screenshot: Client OpenVPN Success]

I hope you reached here without any hassle. Please leave your feedback or any further queries in the comments section. :)

Have a nice day Hacking! 😀