{"id":2174,"date":"2024-01-17T09:41:31","date_gmt":"2023-06-13T11:00:48","guid":{"rendered":""},"modified":"2025-02-02T00:46:18","modified_gmt":"2025-02-01T23:46:18","slug":"how-to-install-openvpn-server-and-client-with-easy-rsa-3-on-centos-8","status":"publish","type":"post","link":"https:\/\/netcloud24.com\/knowledgebase\/how-to-install-openvpn-server-and-client-with-easy-rsa-3-on-centos-8\/","title":{"rendered":"Linux VPS &#038; VPS Windows Setup Guide | NetCloud24 OpenVPN Server and Client with Easy-RSA 3 on CentOS 8"},"content":{"rendered":"<p>\u00a0<\/p>\n<\/p>\n<header>\n<h1>\u00a0<\/h1>\n<\/header>\n<article>\n<section>\n<h2>Introduction<\/h2>\n<p>OpenVPN is a robust and highly flexible VPN solution that allows for secure point-to-point or site-to-site connections. In this guide, you will learn how to install and configure OpenVPN server and client on CentOS 8 using Easy-RSA 3. This setup can be effectively hosted on a  for optimal security and performance.<\/p>\n<\/section>\n<section>\n<h2>Prerequisites<\/h2>\n<ul>\n<li>A CentOS 8 server with root access<\/li>\n<li>Basic knowledge of Linux commands<\/li>\n<li>An active internet connection<\/li>\n<\/ul>\n<\/section>\n<section>\n<h2>Step 1: Update Your System<\/h2>\n<p>Start by updating your package index and upgrading existing packages:<\/p>\n<pre><code>sudo dnf update -y<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 2: Install OpenVPN and Easy-RSA<\/h2>\n<p>Install the OpenVPN and Easy-RSA packages:<\/p>\n<pre><code>sudo dnf install epel-release -y\r\nsudo dnf install openvpn easy-rsa -y<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 3: Set Up the Easy-RSA PKI<\/h2>\n<p>Create a directory for the Easy-RSA configuration files:<\/p>\n<pre><code>make-cadir ~\/easy-rsa<\/code><\/pre>\n<p>Navigate to the Easy-RSA directory:<\/p>\n<pre><code>cd ~\/easy-rsa<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 4: Configure Easy-RSA Variables<\/h2>\n<p>Edit the <code>vars<\/code> file to set up the certificate authority:<\/p>\n<pre><code>nano vars<\/code><\/pre>\n<p>Modify the following variables to match your organization&#8217;s information:<\/p>\n<pre><code>export KEY_COUNTRY=\"US\"\r\nexport KEY_PROVINCE=\"CA\"\r\nexport KEY_CITY=\"San Francisco\"\r\nexport KEY_ORG=\"Your Organization\"\r\nexport KEY_EMAIL=\"email@example.com\"\r\nexport KEY_OU=\"Your Organizational Unit\"<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 5: Build the CA<\/h2>\n<p>Source the <code>vars<\/code> file and build the CA:<\/p>\n<pre><code>source vars\r\n.\/clean-all\r\n.\/build-ca<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 6: Generate Server Certificate and Key<\/h2>\n<p>Generate the server certificate and key:<\/p>\n<pre><code>.\/build-key-server server<\/code><\/pre>\n<p>When prompted, answer the questions and be sure to sign the certificate.<\/p>\n<\/section>\n<section>\n<h2>Step 7: Generate Diffie-Hellman Parameters<\/h2>\n<p>Generate the Diffie-Hellman parameters:<\/p>\n<pre><code>.\/build-dh<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 8: Generate the HMAC Key<\/h2>\n<p>Generate the HMAC key to add an additional layer of security:<\/p>\n<pre><code>openvpn --genkey --secret keys\/ta.key<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 9: Configure the OpenVPN Server<\/h2>\n<p>Copy the server configuration file to the OpenVPN directory:<\/p>\n<pre><code>sudo cp \/usr\/share\/doc\/openvpn\/sample\/sample-config-files\/server.conf \/etc\/openvpn\/server.conf<\/code><\/pre>\n<p>Edit the server configuration file:<\/p>\n<pre><code>sudo nano \/etc\/openvpn\/server.conf<\/code><\/pre>\n<p>Uncomment the following lines:<\/p>\n<pre><code>ca ca.crt\r\ncert server.crt\r\nkey server.key\r\ndh dh.pem\r\n<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 10: Start the OpenVPN Server<\/h2>\n<p>Start the OpenVPN server and enable it to run at boot:<\/p>\n<pre><code>sudo systemctl start openvpn@server\r\nsudo systemctl enable openvpn@server<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 11: Configure Client<\/h2>\n<p>Generate a client certificate and key:<\/p>\n<pre><code>.\/build-key client1<\/code><\/pre>\n<p>Copy the client configuration file:<\/p>\n<pre><code>cp \/usr\/share\/doc\/openvpn\/sample\/sample-config-files\/client.conf ~\/client.ovpn<\/code><\/pre>\n<p>Edit the <code>client.ovpn<\/code> file with your server&#8217;s information:<\/p>\n<pre><code>remote your_server_ip 1194<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 12: Connect to the OpenVPN Server<\/h2>\n<p>Transfer the <code>client.ovpn<\/code> file to your client device and use OpenVPN to connect:<\/p>\n<pre><code>sudo openvpn --config client.ovpn<\/code><\/pre>\n<\/section>\n<section>\n<h2>Step 13: Conclusion<\/h2>\n<p>You have successfully installed an OpenVPN server and client using Easy-RSA 3 on CentOS 8. This setup provides a secure remote access solution and can greatly benefit from being hosted on a . For additional options, explore various  solutions, including <a href=\"https:\/\/ie.netcloud24.com\">Windows VPSVirtual Private Server Hosting<\/a> and <a href=\"https:\/\/ie.netcloud24.com\">Windows VPS Hosting UK<\/a> for optimal performance and security.<\/p>\n<\/section>\n<\/article>\n<footer>\n<p>\u00a9 2024 OpenVPN Installation Tutorial. All rights reserved.<\/p>\n<\/footer>\n<div class=\"post-author-box\" style=\"border-top:1px solid #ddd;margin-top:20px;padding-top:15px;\">\n<p><strong>Author:<\/strong> \u0141ukasz Bodziony<\/p>\n<p><strong>Website:<\/strong> <a href=\"https:\/\/ca.netcloud24.com\" target=\"_blank\" rel=\"dofollow\">Windows VPS<\/a><\/p>\n<p><em>\u0141ukasz Bodziony is the CEO and founder of <a href=\"https:\/\/netcloud24.com\" target=\"_blank\" rel=\"dofollow\">NETCLOUD24<\/a>, a global VPS hosting brand proudly originating from Poland. With extensive experience in cloud computing, virtualization, and server management, he delivers high-performance <strong>Windows VPS<\/strong> and <strong>Remote Desktop Services (RDS)<\/strong> solutions to clients across Europe, North America, and beyond.<\/em><\/p>\n<p><em>His expertise covers a wide range of technologies, including <strong>Microsoft Azure<\/strong>, <strong>Proxmox VE<\/strong>, <strong>Amazon Web Services (AWS)<\/strong>, and numerous other virtualization and cloud platforms.<\/em><\/p>\n<p><em>Beyond running his hosting business, \u0141ukasz also provides <strong>professional paid server configuration and optimization services<\/strong> for companies and individuals. Outside of work, he is dedicated to caring for his children and building a secure future for them.<\/em><\/p>\n<p><em>If you are interested in working with him or need expert assistance with your hosting, cloud environment, or server setup, feel free to reach out via <a href=\"https:\/\/ca.netcloud24.com\" target=\"_blank\" rel=\"dofollow\">Windows VPS<\/a>.<\/em><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0 \u00a0 Introduction OpenVPN is a robust and highly flexible VPN solution that allows for secure point-to-point or site-to-site connections. In this guide, you will learn how to\u2026<\/p>\n","protected":false},"author":1,"featured_media":3421,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[],"tags":[14,12,11,23,20,21,22,17,7,8,6,10,18,19,15,24,16,5,13,9],"class_list":["post-2174","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","tag-cheapvps","tag-cloudvps","tag-hostingvps","tag-rds","tag-rdscal","tag-remotedesktop","tag-remotedesktopvps","tag-servervps","tag-ukvps","tag-virtualserver","tag-vpshosting","tag-vpsserver","tag-vpssolutions","tag-vpswindows","tag-vpswithwindows","tag-windowsrds","tag-windowsserver","tag-windowsvps","tag-windowsvpshosting","tag-windowsvpsuk"],"jetpack_publicize_connections":[],"_links":{"self":[{"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/posts\/2174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/comments?post=2174"}],"version-history":[{"count":0,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/posts\/2174\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/media\/3421"}],"wp:attachment":[{"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/media?parent=2174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/categories?post=2174"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/netcloud24.com\/knowledgebase\/wp-json\/wp\/v2\/tags?post=2174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}