On OpenVPN there is an default certificate installed already, however if you add an incorrect / invalid certificate it may stop the OpenVPN from starting up correctly. You can correct this with:
cd /usr/local/openvpn_as/scripts/
./sacli --key "cs.priv_key" ConfigDel
./sacli --key "cs.ca_bundle" ConfigDel
./sacli --key "cs.cert" ConfigDel
./sacli startYou can also set your own ciphers for the VPN connection via command line with:
./sacli --key "cs.openssl_ciphersuites" --value 'EECDH+CHACHA20:EECDH+AES128:EECDH+AES256:!RSA:!3DES:!MD5:!RC4' ConfigPut
You can verify everything with at: /usr/local/openvpn_as/scripts/
./sacli ConfigQuery | grep "cipher"
"cs.openssl_ciphersuites": "EECDH+CHACHA20:EECDH+AES128:EECDH+AES256:!RSA:!3DES:!MD5:!RC4",
"vpn.client.cipher": "AES-256-CBC",
"vpn.client.config_text": "cipher AES-256-CBC",
"vpn.server.cipher": "AES-256-CBC",
"vpn.server.config_text": "cipher AES-256-CBC",
Finally to start the OpenVPN up again with the settings the command is:
./sacli start