OpenVPN Certificate

On OpenVPN there is an default certificate installed already, however if you add an incorrect / invalid certificate it may stop the OpenVPN from starting up correctly. You can correct this with:

cd /usr/local/openvpn_as/scripts/

./sacli --key "cs.priv_key" ConfigDel
./sacli --key "cs.ca_bundle" ConfigDel
./sacli --key "cs.cert" ConfigDel
./sacli start

You can also set your own ciphers for the VPN connection via command line with:

./sacli --key "cs.openssl_ciphersuites" --value 'EECDH+CHACHA20:EECDH+AES128:EECDH+AES256:!RSA:!3DES:!MD5:!RC4' ConfigPut

You can verify everything with at: /usr/local/openvpn_as/scripts/

./sacli ConfigQuery | grep "cipher"

  "cs.openssl_ciphersuites": "EECDH+CHACHA20:EECDH+AES128:EECDH+AES256:!RSA:!3DES:!MD5:!RC4", 
  "vpn.client.cipher": "AES-256-CBC", 
  "vpn.client.config_text": "cipher AES-256-CBC", 
  "vpn.server.cipher": "AES-256-CBC", 
  "vpn.server.config_text": "cipher AES-256-CBC", 

Finally to start the OpenVPN up again with the settings the command is:

./sacli start