OpenVPN allows client computers to tunnel into a server securely over a single UDP or TCP port. This HOWTO article is a step-by-step guide that explains how to create the server and client OpenVPN configuration files that make this possible. In the process, this article explains how to create the public key infrastructure (PKI) so that a client can securely communicate with the server. OpenSSL is the foundation for the security functionality of OpenVPN.
For this tutorial you will need the following software: OpenVPN. You can download the latest version of OpenVPN from https://openvpn.net/index.php/open-source/downloads.html. EasyRSA is the tool people use to create the Public Key Infrastructure (PKI) for OpenVPN. Download the latest release of EasyRSA from https://github.com/OpenVPN/easy-rsa/releases. No installation is required. Extract the contents of the archive into a folder.
OpenVPN is available on various platforms. The generation of the configuratio…
Latch on article
This piece latches on to an earlier article titled HOWTO setup OpenVPN server and client configuration files using EasyRSA, available from http://www.alanbonnici.com/2018/01/howto-setup-openvpn-server-and-client.html. Go to that post for information on how to set up the server environment and generate the certificates that are required to establish an OpenVPN connection.
This article covers the following topics: Portability of the EasyRSA environments; Creating additional clients related to the same server; Creating a password protected client.
Portability of the EasyRSA environments
All EasyRSA script commands operate within the EasyRSA folder and its pki subfolder. No settings are written to the registry or to any area of your computer outside the EasyRSA directory. In addition, all EasyRSA script commands are relative to this folder. This makes the EasyRSA environment self-contained and portable.
For example, the EasyRSA server environment used in this article or…
The internet is not a secure place. If you’re not aware of this fact just google “computer security stories” or “data breaches” and click on the first few links that come up.
All content on the internet needs to be secured. This article focuses on the secure transmission of data between your browser and the website that you are connected to. This is known as Hyper Text Transfer Protocol Secure (HTTPS). In order to secure communications, certificates are used to encrypt data between you and the website. A Certificate Authority (CA) is an entity that can issue, renew and manage these certificates.
Take a situation in which you are interacting with your bank via its website. You expect that:
The transactions, balances and other information from the bank’s IT systems are for your eyes only and no one can intercept these transmissions by introducing themselves between your bank’s computer and your device. This is known as the man-in-the-middle attack; No one can manipulate the internet tra…