OpenVPN Server >upload< own certificates

Hello everyone, I am new to the Turris ecosystem, and I dived into the documentation how to set up an OpenVPN server here: https://docs.turris.cz/basics/apps/openvpn-server/openvpn/

I am not new to OpenVPN, I am migrating to Turris, therefore I would love to migrate my server certificates to the new device as well.

I struggle to find any usable documentation how to upload a previously generated and existing ca.crt server.crt server.key etc. to the Turris OpenVPN server. All I can currently see (in Foris) is to newly generate these certificates. The reason: I do not want to reissue all the clients’ certificates due to the new hardware, the server should be the same OpenVPN, right?

Could you please suggest which direction to start, as setting up an OpenVPN server and troubleshooting its quirks is already a pain in itself, I would love to make the transitioning as swift as possible.

Any advice is more than welcome!

Hi,
check out the /etc/ssl/ folder on your device.

1 Like

Thanks, I found something under /etc/ssl/ca with various certificate files but interestingly there is also an empty folder /etc/openvpn. Do you know by any chance where are the server config files located (ie. the one that are set when I hit the Enable Server button).

Again, I am reading the OpenWRT website and the Turris documentation, but for this particular situation the documentation is lacking. Would be lovely to have a dedicated page for this. Not just a “click this button and the certificates will be generated for you” …

uci show openvpn.server_turris is your friend. You will find all the related info where the certificates are stored.

2 Likes