Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##############################################
- # Sample client-side OpenVPN 2.0 config file #
- # for connecting to multi-client server. #
- # #
- # This configuration can be used by multiple #
- # clients, however each client should have #
- # its own cert and key files. #
- # #
- # On Windows, you might want to rename this #
- # file so it has a .ovpn extension #
- ##############################################
- # Specify that we are a client and that we
- # will be pulling certain config file directives
- # from the server.
- client
- # Use the same setting as you are using on
- # the server.
- # On most systems, the VPN will not function
- # unless you partially or fully disable
- # the firewall for the TUN/TAP interface.
- ;dev tap
- dev tun
- # Windows needs the TAP-Win32 adapter name
- # from the Network Connections panel
- # if you have more than one. On XP SP2,
- # you may need to disable the firewall
- # for the TAP adapter.
- ;dev-node MyTap
- # Are we connecting to a TCP or
- # UDP server? Use the same setting as
- # on the server.
- ;proto tcp
- proto udp
- # The hostname/IP and port of the server.
- # You can have multiple remote entries
- # to load balance between the servers.
- remote 74.65.24.54 1194
- ;remote my-server-2 1194
- # Choose a random host from the remote
- # list for load-balancing. Otherwise
- # try hosts in the order specified.
- ;remote-random
- # Keep trying indefinitely to resolve the
- # host name of the OpenVPN server. Very useful
- # on machines which are not permanently connected
- # to the internet such as laptops.
- resolv-retry infinite
- # Most clients don't need to bind to
- # a specific local port number.
- nobind
- # Downgrade privileges after initialization (non-Windows only)
- user nobody
- group nogroup
- # Try to preserve some state across restarts.
- persist-key
- persist-tun
- # If you are connecting through an
- # HTTP proxy to reach the actual OpenVPN
- # server, put the proxy server/IP and
- # port number here. See the man page
- # if your proxy server requires
- # authentication.
- ;http-proxy-retry # retry on connection failures
- ;http-proxy [proxy server] [proxy port #]
- # Wireless networks often produce a lot
- # of duplicate packets. Set this flag
- # to silence duplicate packet warnings.
- ;mute-replay-warnings
- # SSL/TLS parms.
- # See the server config file for more
- # description. It's best to use
- # a separate .crt/.key file pair
- # for each client. A single ca
- # file can be used for all clients.
- #ca ca.crt
- #cert client.crt
- #key client.key
- # Verify server certificate by checking that the
- # certicate has the correct key usage set.
- # This is an important precaution to protect against
- # a potential attack discussed here:
- # http://openvpn.net/howto.html#mitm
- #
- # To use this feature, you will need to generate
- # your server certificates with the keyUsage set to
- # digitalSignature, keyEncipherment
- # and the extendedKeyUsage to
- # serverAuth
- # EasyRSA can do this for you.
- remote-cert-tls server
- # If a tls-auth key is used on the server
- # then every client must also have the key.
- ;tls-auth ta.key 1
- # Select a cryptographic cipher.
- # If the cipher option is used on the server
- # then you must also specify it here.
- ;cipher x
- # Enable compression on the VPN link.
- # Don't enable this unless it is also
- # enabled in the server config file.
- comp-lzo
- # Set log file verbosity.
- verb 3
- # Silence repeating messages
- ;mute 20
- <ca>
- -----BEGIN CERTIFICATE-----
- MIIE5TCCA82gAwIBAgIJAIWtwPxeVzNQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYD
- VQQGEwJVUzELMAkGA1UECBMCTlkxFTATBgNVBAcTDFBPUlRBR0VWSUxMRTEUMBIG
- A1UEChMLQ0hQUkVDSVNJT04xDTALBgNVBAsTBEhPTUUxFzAVBgNVBAMTDkNIUFJF
- Q0lTSU9OIENBMQ8wDQYDVQQpEwZzZXJ2ZXIxJTAjBgkqhkiG9w0BCQEWFkphY29i
- VG93c2xleUBnbWFpbC5jb20wHhcNMTcxMjI4MTUwNDAwWhcNMjcxMjI2MTUwNDAw
- WjCBpzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMRUwEwYDVQQHEwxQT1JUQUdF
- VklMTEUxFDASBgNVBAoTC0NIUFJFQ0lTSU9OMQ0wCwYDVQQLEwRIT01FMRcwFQYD
- VQQDEw5DSFBSRUNJU0lPTiBDQTEPMA0GA1UEKRMGc2VydmVyMSUwIwYJKoZIhvcN
- AQkBFhZKYWNvYlRvd3NsZXlAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
- AQ8AMIIBCgKCAQEA8ExqjOMoPbqK73M7N8Z/weZc3+2dUMgJHfd6I9GCmFs6YLvw
- dhLKFXSk5tlUQwhiEosIRFyhQclf+gyCsMZ2fttHAVYRABQ7H9A5Gps5NdaiojfD
- aznibkkH7UY8bYvdM6KU/EFZsKnsUDKwM0+4t/GWJrd36Rg8pIPqNyUzFOpXA2fD
- lDIs74rIyFZKH8CPdgrEXRBitwHiyOlYzL2vKOg8vlfiETtoh4c0XaV3fM8WYYvS
- 45dxVpurR3QZFjCh3tT5q9BBpxEe4hYPM2yaYML/P+8ZZN5ayECdA8S3bFGLMN9U
- LzrmqUacsi+T5NpdBmT4cV7Kjq54jOSCNarK2wIDAQABo4IBEDCCAQwwHQYDVR0O
- BBYEFOgqkHRPF3kOpt2l7YDNFO6R5YO9MIHcBgNVHSMEgdQwgdGAFOgqkHRPF3kO
- pt2l7YDNFO6R5YO9oYGtpIGqMIGnMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkx
- FTATBgNVBAcTDFBPUlRBR0VWSUxMRTEUMBIGA1UEChMLQ0hQUkVDSVNJT04xDTAL
- BgNVBAsTBEhPTUUxFzAVBgNVBAMTDkNIUFJFQ0lTSU9OIENBMQ8wDQYDVQQpEwZz
- ZXJ2ZXIxJTAjBgkqhkiG9w0BCQEWFkphY29iVG93c2xleUBnbWFpbC5jb22CCQCF
- rcD8XlczUDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDGrauFh6P8
- GnZgnykwk30OiOfFGHntCL1voEawOg8h63mMzRx3idkfSGDrjQB9DpuLuExdtCfD
- GDrDlwkp+bDdMdTjGo0wygOzvF4DUKw0aHwZo3pH0loN/RRJJ1g3NXRydWfJcksv
- ctpL99J6xHDbdpE2xU7x3q4nKVHTElFvcbh0GL868+AGU9RqHipcFSfPwWr06NSR
- Z1S86+X5jxeTfe0hhVW77TPaMydMOMGddnTdsK0YtE+S8CxErmtiVtx3Sj/EB8ua
- 3K/uvRLYAjmHNupnun5IVZQpQuBa+xI7P2a08kxfjNd8eMas16TOUrFCF9LY2h7k
- qFJBEZ9Sjwui
- -----END CERTIFICATE-----
- </ca>
- <cert>
- Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=NY, L=PORTAGEVILLE, O=CHPRECISION, OU=HOME, CN=CHPRECISION CA/name=server/emailAddress=JacobTowsley@gmail.com
- Validity
- Not Before: Dec 28 15:55:38 2017 GMT
- Not After : Dec 26 15:55:38 2027 GMT
- Subject: C=US, ST=NY, L=PORTAGEVILLE, O=CHPRECISION, OU=HOME, CN=client/name=server/emailAddress=JacobTowsley@gmail.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (2048 bit)
- Modulus:
- 00:ab:ec:40:a7:4e:b5:e3:e4:17:0a:72:46:fb:d7:
- 52:dd:9e:de:d8:f2:59:54:3b:4f:c0:4a:8d:69:e8:
- bf:97:d3:56:1d:8a:b5:6f:c1:b1:01:96:7a:f4:fa:
- 08:4c:3b:40:92:4a:1b:b9:0c:94:1d:af:c9:cb:3c:
- fa:fb:bb:0e:61:29:77:ad:0f:a1:cc:1d:48:ae:db:
- 0f:61:e9:f5:19:88:eb:8a:e8:a6:b8:c7:8b:df:b4:
- 8d:a5:af:43:f5:c4:7d:52:1c:24:f7:4d:ee:d9:74:
- 21:8c:d3:ed:fa:9d:2a:80:a5:d4:56:49:cf:be:8c:
- 64:cd:e4:ff:4a:bf:3e:37:b2:9f:b8:b6:22:59:76:
- 1b:79:e4:e7:d0:ff:c7:fe:f6:0f:aa:e6:f3:6b:9b:
- 75:b1:47:b2:0f:e3:64:a6:1c:32:f3:13:27:da:bb:
- fa:71:c1:c8:72:e3:6f:ea:92:52:bc:fc:a8:87:67:
- 2f:2d:79:f0:23:0c:bc:ce:83:cb:b4:44:20:81:87:
- cd:00:f7:ba:84:99:b5:8c:43:cc:d1:e8:e4:f0:8c:
- 90:eb:e6:e5:9e:62:7a:00:84:93:a2:9c:80:cd:22:
- 47:5b:95:f0:eb:f7:44:73:6c:28:5d:bd:4e:e8:15:
- 5b:1c:ca:0d:ab:c4:f7:77:31:57:1a:fb:7f:1f:e1:
- 90:4b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- Easy-RSA Generated Certificate
- X509v3 Subject Key Identifier:
- 22:0E:2F:36:F7:F3:3F:85:F9:4E:13:A6:2D:B5:7D:35:BE:41:71:E1
- X509v3 Authority Key Identifier:
- keyid:E8:2A:90:74:4F:17:79:0E:A6:DD:A5:ED:80:CD:14:EE:91:E5:83:BD
- DirName:/C=US/ST=NY/L=PORTAGEVILLE/O=CHPRECISION/OU=HOME/CN=CHPRECISION CA/name=server/emailAddress=JacobTowsley@gmail.com
- serial:85:AD:C0:FC:5E:57:33:50
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- X509v3 Subject Alternative Name:
- DNS:client
- Signature Algorithm: sha256WithRSAEncryption
- e2:b2:b8:96:c3:a0:ee:ed:f8:b4:b4:cf:32:b4:9f:d6:ca:d7:
- 72:a1:99:f5:61:1b:05:ac:52:dd:3a:1a:ad:58:c0:ca:83:21:
- ed:3e:e6:ef:54:fc:b0:31:e7:11:22:c0:1f:ed:ff:21:06:7b:
- 18:10:34:79:e6:a6:04:b4:41:e1:e9:8b:32:f1:8a:5b:17:07:
- d1:9d:df:7b:14:32:bf:96:36:b8:6e:0c:a4:89:c2:40:93:11:
- 9f:a0:d5:af:12:51:0c:d0:a6:e9:41:3b:38:56:9f:ca:5e:ed:
- ac:a1:31:82:cb:4c:9e:58:71:61:20:38:cb:9e:8c:fb:67:dd:
- 6e:8b:06:e0:7b:0f:75:9d:84:68:d0:f4:df:38:5b:5d:7a:de:
- bc:33:59:da:95:3f:dc:11:7b:26:d4:dd:bc:65:ef:13:2b:7c:
- 57:14:0b:8c:09:56:d2:32:a3:d2:91:e0:4f:39:95:ed:56:7f:
- f5:7d:bb:1c:01:68:c9:24:56:77:0c:8d:5e:6d:ab:a7:2e:90:
- 02:6f:dd:7f:a4:96:91:1e:47:1e:8f:d4:f0:59:60:78:8b:37:
- 33:1d:18:19:6f:0a:5c:0b:b4:a1:39:77:5e:c5:17:2d:07:89:
- 06:bc:7e:59:8f:e6:d7:bc:7e:85:c5:b7:b5:d7:50:0d:35:26:
- 65:5d:cf:96
- -----BEGIN CERTIFICATE-----
- MIIFNjCCBB6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx
- CzAJBgNVBAgTAk5ZMRUwEwYDVQQHEwxQT1JUQUdFVklMTEUxFDASBgNVBAoTC0NI
- UFJFQ0lTSU9OMQ0wCwYDVQQLEwRIT01FMRcwFQYDVQQDEw5DSFBSRUNJU0lPTiBD
- QTEPMA0GA1UEKRMGc2VydmVyMSUwIwYJKoZIhvcNAQkBFhZKYWNvYlRvd3NsZXlA
- Z21haWwuY29tMB4XDTE3MTIyODE1NTUzOFoXDTI3MTIyNjE1NTUzOFowgZ8xCzAJ
- BgNVBAYTAlVTMQswCQYDVQQIEwJOWTEVMBMGA1UEBxMMUE9SVEFHRVZJTExFMRQw
- EgYDVQQKEwtDSFBSRUNJU0lPTjENMAsGA1UECxMESE9NRTEPMA0GA1UEAxMGY2xp
- ZW50MQ8wDQYDVQQpEwZzZXJ2ZXIxJTAjBgkqhkiG9w0BCQEWFkphY29iVG93c2xl
- eUBnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr7ECn
- TrXj5BcKckb711Ldnt7Y8llUO0/ASo1p6L+X01YdirVvwbEBlnr0+ghMO0CSShu5
- DJQdr8nLPPr7uw5hKXetD6HMHUiu2w9h6fUZiOuK6Ka4x4vftI2lr0P1xH1SHCT3
- Te7ZdCGM0+36nSqApdRWSc++jGTN5P9Kvz43sp+4tiJZdht55OfQ/8f+9g+q5vNr
- m3WxR7IP42SmHDLzEyfau/pxwchy42/qklK8/KiHZy8tefAjDLzOg8u0RCCBh80A
- 97qEmbWMQ8zR6OTwjJDr5uWeYnoAhJOinIDNIkdblfDr90RzbChdvU7oFVscyg2r
- xPd3MVca+38f4ZBLAgMBAAGjggFxMIIBbTAJBgNVHRMEAjAAMC0GCWCGSAGG+EIB
- DQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFCIO
- Lzb38z+F+U4Tpi21fTW+QXHhMIHcBgNVHSMEgdQwgdGAFOgqkHRPF3kOpt2l7YDN
- FO6R5YO9oYGtpIGqMIGnMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxFTATBgNV
- BAcTDFBPUlRBR0VWSUxMRTEUMBIGA1UEChMLQ0hQUkVDSVNJT04xDTALBgNVBAsT
- BEhPTUUxFzAVBgNVBAMTDkNIUFJFQ0lTSU9OIENBMQ8wDQYDVQQpEwZzZXJ2ZXIx
- JTAjBgkqhkiG9w0BCQEWFkphY29iVG93c2xleUBnbWFpbC5jb22CCQCFrcD8Xlcz
- UDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0RBAowCIIG
- Y2xpZW50MA0GCSqGSIb3DQEBCwUAA4IBAQDisriWw6Du7fi0tM8ytJ/WytdyoZn1
- YRsFrFLdOhqtWMDKgyHtPubvVPywMecRIsAf7f8hBnsYEDR55qYEtEHh6Ysy8Ypb
- FwfRnd97FDK/lja4bgykicJAkxGfoNWvElEM0KbpQTs4Vp/KXu2soTGCy0yeWHFh
- IDjLnoz7Z91uiwbgew91nYRo0PTfOFtdet68M1nalT/cEXsm1N28Ze8TK3xXFAuM
- CVbSMqPSkeBPOZXtVn/1fbscAWjJJFZ3DI1ebaunLpACb91/pJaRHkcej9TwWWB4
- izczHRgZbwpcC7ShOXdexRctB4kGvH5Zj+bXvH6Fxbe111ANNSZlXc+W
- -----END CERTIFICATE-----
- </cert>
- <key>
- -----BEGIN PRIVATE KEY-----
- MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCr7ECnTrXj5BcK
- ckb711Ldnt7Y8llUO0/ASo1p6L+X01YdirVvwbEBlnr0+ghMO0CSShu5DJQdr8nL
- PPr7uw5hKXetD6HMHUiu2w9h6fUZiOuK6Ka4x4vftI2lr0P1xH1SHCT3Te7ZdCGM
- 0+36nSqApdRWSc++jGTN5P9Kvz43sp+4tiJZdht55OfQ/8f+9g+q5vNrm3WxR7IP
- 42SmHDLzEyfau/pxwchy42/qklK8/KiHZy8tefAjDLzOg8u0RCCBh80A97qEmbWM
- Q8zR6OTwjJDr5uWeYnoAhJOinIDNIkdblfDr90RzbChdvU7oFVscyg2rxPd3MVca
- +38f4ZBLAgMBAAECggEBAKp7kHFYIA5oNGDriXBayZVy4VEIoYRhfGgWhbysTLFl
- pFOPJPQ5giks66jZ+Dh/2Tw3uN37lzUJCHY9djUB/PRkhoRap/scXuLl348czSwR
- FmGc6xb46b9f78aI0j94JT2zIwUJhvyjqFFaJvcJuwfvaWxXrWYrGhsCJhYdJrlb
- C+tbZCLQqPU2b/ARMOWqgYiKnWSbGTsokE6obFqfDBRaVu1c2jptTHKkKixzhDum
- eEqG0oqwQD5JWpP4RsdefYDPSWNQYvOZtSGXwGn1GPfsbgr+P/4vJ44UwHTYPtwq
- J2IbkY7hE+FiTZEL0cjDxEEubLdZr+dyIqyFfizVkwECgYEA0vEJ69RU+9AoW97C
- ZU9AwPJLNBjdNyNgQqtLRXDWNxYq3SBim/r8L7MFmuffqHYPhFqz+icRN22Knr3L
- 1KVC8ER+RUfBfXXyQSgglALRuCWFWjYBkfkUnynKJJgeWfL7pocWNHnb72oWx+Kj
- LAh9mBviUOnz+O10AaYSFBtR4iECgYEA0KWL2cBXE2GSrSrZb8TbLJR6QbKa9S6V
- mL3ih3lsd4pA8TcIfb5zgiePL9iGs3t25yEHG45g/TmjXFy/3TgLxgZfugpSFmft
- 5nUCdKmBNNc78Z6THKsvS68NMamB1wrl9txlsQc342ehC4HbNVaI0gAPP2/G+daL
- tRsAylpPfOsCgYABI7AsB++VlKBDLsbaCT2OTUC+vUukmppQgeBcNanSjloY663c
- rdRi5ZKoLYx1un2G9351YXSkWgEfrmLFeUcNSTFtal/PL63pUDAs3H8JgZpgzF3h
- zfigi3c+D1xKnBdj5OLn0aiweGA7ICxFdp5HDg+A5GKe+5le0OjUFvmwQQKBgQCd
- X8CUhdcn7zjLFL7c5wbKIVP1qdnnhTOg+dibhqKhp85EItZswfIuAdimphMz3bRZ
- sTfDOSk+1vK4/9xX56Y5vyUFFjPEYq+2XBt2E0Q5rv6vyIP948DQvUCebNRadwXt
- pV+un1swU0HNhCzrllGs1A6sMotKduD5wVxfRK8f8QKBgQCnPRT3Nn/EiJopxTEB
- Xw1Z24WZq5X8Mr2j9U7AyeEwdCl4xxebYFaMC9WX4BvM2BufZPGiRswRAvPg/4Cc
- IWAZWXopQaold3sndOJHoKRuiMuoXvkDNLipMleEPZS1/uYnCxYyGlWOOWlQF9/d
- jz7IjTjS3sprD/BsIzcqOdFQDQ==
- -----END PRIVATE KEY-----
- </key>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement