App Support.

We're here to help.



Creating Certificates and Keys for your OpenVPN Server

Introduction

A number of the OpenVPN server setup guides require you to generate your own certificates and keys on your client device. Here, we will describe the steps required to generate these credential files.

We have an easy to use tool available called OpenVPN Configuration Generator available for for Mac, Ubuntu and Windows which allow you to generate a server and client configs very quickly.

OpenVPN Configuration Generator

We have made a new tool available for simplifying the process of creating credentials and configurations for your server and Viscosity called the OpenVPN Configuration Generator. To get started download and install the correct version for your operating system from our GitHub page here.

More information on this tool is available here.

Mac

To get started, download and extract the tar.gz package from github. This package only contains a single file, openvpn-generate itself.

Next, open up a Terminal window and create a new directory to store your configurations and then change into it, for example:

cd ~

mkdir configs

cd configs

Next, copy openvpn-generate here with Finder, or with the following if you extracted openvpn-generate into your Downloads folder:

cp ~/Downloads/openvpn-generate .

You can also open this folder in Finder using the following:

open .

Now we can initialise a new configuration by running the following and following the instructions on screen:

./openvpn-generate init

Once this is finished, a new directory will be created named "server". This contains a ready to go server configuration you can copy to where you will run your OpenVPN server and start up, feel free to make any changes you wish.

Creating new clients is even easier. Run the following and follow the prompts:

./openvpn-generate client

Client configurations can then be found in the "clients" directory as visz files, ready to be imported into Viscosity with a double click, or copied to another PC or Mac. You can generate as many clients as you need, just remember to give each one a unique name.

Ubuntu

To get started, open a Terminal window, or SSH into your server. Download and install the dpkg deb file from github.

Next, create a new directory to store your configurations in and then change into it. For example:

cd ~

mkdir configs

cd configs

Next, initialise a new configuration by running the following and following the instructions on screen:

openvpn-generate init

Once this is finished, a new directory will be created named "server". This contains a ready to go server configuration you can copy to where you will run your OpenVPN server and start up, feel free to make any changes you wish.

Creating new clients is even easier. Run the following and follow the prompts:

openvpn-generate client

Client configurations can then be found in the "clients" directory as visz files, ready to be sent to clients which they can import with a double click. You can generate as many clients as you need, just remember to give each one a unique name.

You can also automate the creation of clients. For example, if you have a script that sets up a new user on your network, you can create a new user named "client1" with no input using the following:

openvpn-generate client --name client1

cp clients/client1.visz /copy/to/somewhere/else

Windows

To get started, download and install the correct MSI for your architecture (x86 or x64), then open a command prompt by going to start and searching for "Command Prompt", or using Windows+R and running 'cmd'.

In the new window, create a new directory on your computer and change into it. For example, to create a configs directory in your Documents, run the following from Command Prompt:

cd C:\Users\<your username>\Documents

mkdir configs

cd configs

Next, initialise a new configuration by running the following and following the instructions on screen:

openvpn-generate init

Once this is finished, open up the directory and you will find a folder named "server", which contains a ready to go server configuration you can copy to where you will run your OpenVPN server and start up, feel free to make any changes you wish. To quickly open up this directory from Command Prompt, type the following:

explorer .

Creating new clients is even easier. Run the following and follow the prompts:

openvpn-generate client

Client configurations can then be found in the "clients" directory as visz files, ready to be imported into Viscosity with a double click, or copied to another PC or Mac. You can generate as many clients as you need, just remember to give each one a unique name.