Validate Web Certificate for OpenVPN Access Server- V 2.7.5
Learn more about Access Server: https://openvpn.net/access-server/?ut...
Hello and thanks for watching this video on setting the web SSL certificate on OpenVPN Access Server. Access Server launches with a self-signed certificate, which is extremely useful. It allows access to the web services immediately after launch, however, each user accessing the client web service or the admin UI will receive this warning that you see on the screen now and we'll have to click through it. It is preferable to add a valid SSL certificate for your organization after launching that Access Server.
For this demo I will use a Let's Encrypt certificate that I just created and I won't cover the creation here because you can find lots of videos and tutorials on Let's Encrypt, it's very popular. A DNS record is required of course, so set the hostname on the server if you have not done so and then set a valid DNS record and once you have that DNS record and it's available in the DNS system then that can be used to confirm that you are the site owner. I have a Access Server that was just launched right here and the hostname is the same, asdemo.openvpn.com and that is the website we're going to.
So I'll go ahead and click through this warning now and get it to the admin UI so we can set up that certificate. In order to do this you'll need three files and I'll go ahead and open that page it's under web server. And it's laid out for you here. You need the CA bundle, the certificate, which actually displays the hostname and the private key for that certificate. And I have those files in a folder right here. So if I choose the bundle first. Choose the full chain. The certificate. And then the private key.
The Admin UI, this page of it also has a nice validate button here and also a revert, in case you make a mistake and need to get rid of those that certificate in key. So we can validate this and I have successful match with the certificate and hostname. The CN is correct. That is my DNS record and the issuer looks correct as well. So I'll go ahead and save those settings. Update the running server and the demon will restart and so you'll always have to log back in again. And as you can see that warning is gone. There are no certificate issues and this website now looks legit. It's that simple. Thanks for watching.
To learn more about Access Server: https://bit.ly/3DXfaQq
