OpenVPN Access Server Letsencrypt
#!/bin/sh | |
apt-get -y install git bc | |
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt | |
mkdir /etc/letsencrypt |
#!/bin/sh | |
# https://www.sideras.net/lets-encrypt-https-certificates-for-openvpn-as-access-server/ | |
DOMAIN="vpn.server.com" | |
set -eu | |
/etc/init.d/openvpnas stop | |
/opt/letsencrypt/letsencrypt-auto certonly -c /etc/letsencrypt/vpn.server.com.ini | |
/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`" | |
/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`" > /dev/null | |
/usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`" | |
/etc/init.d/openvpnas start |
rsa-key-size = 2048 | |
email = server@server.com | |
domains = vpn.server.com | |
authenticator = standalone | |
standalone-supported-challenges = tls-sni-01 | |
agree-tos = True | |
keep-until-expiring = True |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment