KEY_ORG: This should be the name of your organization or company.KEY_CITY: Here, enter the name of the city you live in.KEY_PROVINCE: This should be the name or abbreviation of the state of your residence.KEY_COUNTRY: For this variable, enter the two-letter abbreviation of the country of your residence.The other variables in this file that you may want to change are: If you enter something else, you would also have to update the configuration files that reference server.key and server.crt. KEY_NAME: You should enter server here.KEY_CN: Here, enter the domain or subdomain that resolves to your server.Scroll to the bottom of the file and change the values that start with export KEY_ to match your information. Log in to the server as the non-root sudo user, and update the package lists to make sure you have all the latest versions. We’ll also use Easy RSA to generate our SSL key pairs later on to secure the VPN connections.
We’ll also install Easy RSA, a public key infrastructure management tool which will help us set up an internal certificate authority (CA) for use with our VPN. To start, we will install OpenVPN on the server. With these prerequisites in place, you are ready to begin setting up and configuring an OpenVPN server on CentOS 7. For the purposes of this tutorial, it’s recommend that you use your local machine as the OpenVPN client. Note that just adding an A record will meet the requirements of this tutorial.Ī client machine which you will use to connect to your OpenVPN server. To set this up, you will first need to register a domain name and then add a DNS record via the DigitalOcean Control Panel. One CentOS 7 server with a sudo non-root user and a firewall set up with firewalld, which you can achieve with our Initial Server Setup with CentOS 7 guide and the Additional Recommended Steps for New CentOS 7 Servers.Ī domain or subdomain that resolves to your server that you can use for the certificates.