Created
August 17, 2018 15:50
-
-
Save boydc7/d23a115e0030ca43585c77f5d094b386 to your computer and use it in GitHub Desktop.
LetsEncrypt certificate creation for OpenVpn server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adapted from https://loige.co/using-lets-encrypt-and-certbot-to-automate-the-creation-of-certificates-for-openvpn/ | |
* SSH to the open vpn server: | |
ssh -i .ssh/_THE_KEY_TO_USE_ openvpnas@_THE_SERVER_NAME_OR_IP_ | |
* Install Certbot: | |
sudo apt-get -y install software-properties-common | |
sudo add-apt-repository -y ppa:certbot/certbot | |
sudo apt-get -y update | |
sudo apt-get -y install certbot | |
* Generate the certificate using Certbot: | |
sudo certbot certonly --standalone --non-interactive --agree-tos --email _YOUR_CERT_EMAIL_ --domains _THE_DOMAIN_TO_PROTECT_ --pre-hook 'sudo service openvpnas stop' --post-hook 'sudo service openvpnas start' | |
* Link them to the OpenVpn folder (link them, as they are updated automatically): | |
sudo ln -s -f /etc/letsencrypt/live/_THE_DOMAIN_TO_PROTECT_/cert.pem /usr/local/openvpn_as/etc/web-ssl/server.crt | |
sudo ln -s -f /etc/letsencrypt/live/_THE_DOMAIN_TO_PROTECT_/privkey.pem /usr/local/openvpn_as/etc/web-ssl/server.key | |
* Restart the OpenVpn server: | |
sudo service openvpnas restart | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment