OpenVPN Server and Windows CA?

Good day!

I need to get the following setup working:
Windows Server 2012 R2 domain controller, which is also the CA;
OpenVPN server on Debian;
Authorization via LDAP and OpenVPN keys; the keys are created on the CA;
OpenVPN clients are not in the domain.

Is this scheme workable?
Can't find any instructions on this.
July 8th 19 at 16:00
1 answer
July 8th 19 at 16:02
> Is this scheme workable?


There is an article on Habr with a very detailed description of how to configure a CA and generate keys. The only thing is that it does not use Windows, but if you have your own Windows CA, that shouldn't be a problem for you. Then copy the generated keys and start the OpenVPN server.
In general, I advise you to begin setting up OpenVPN using my article, as the one on Habr is much too complex and convoluted for a novice.
As for the CA, keys and certificates - see the article on Habr
OpenVPN setup - here
Authorization against AD - here
Thanks for the reply!
I already have OpenVPN working in general, and LDAP authorization too. Difficulties arose with the certificates. With a local CA everything is clear and simple. With the Windows domain CA I have a problem with validation of the client certificate on the server side. In the opposite direction it works.
And I don't quite understand: where in the OpenVPN server settings is the address of the CA server specified? I would be grateful for a hint. - Mylene38 commented on July 8th 19 at 16:05
> where in the OpenVPN server settings is the address of the CA server specified?
Nowhere; it does not need to be specified.
The general principle is:
1. On the OVPN server host, create a private key file (.key) and a certificate request (.req).
2. Pass the .req file to the CA host.
3. CA issues a certificate and signs it.
4. Pass the certificate to the OVPN server.
This is all shown well in the article on Habr, in the section "Create a certification authority CA". I strongly recommend reading it. Besides, look at the last thread of comments; someone asked about a Windows CA. - scot_Bartoletti11 commented on July 8th 19 at 16:08
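
The four steps from the last comment, written out with `openssl` as an added example (it is not part of the thread or of the Habr article). The function names, file names and the throwaway CA that stands in for the Windows CA are assumptions, so that the script runs offline.

```shell
#!/bin/sh
# Steps 1-4 from the comment above, with openssl. All names are constructed.
set -eu

# Step 1 (OpenVPN host): the private key stays here; only the .req leaves.
make_request() {  # usage: make_request <dir> <common-name>
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.req" 2>/dev/null
    chmod 600 "$1/$2.key"
}

# Steps 2-3, stand-in: a throwaway local CA signs the request. With the Windows
# CA the .req is submitted there instead (for example with certreq -submit and
# a certificate template of your choice) and the issued certificate comes back.
make_test_ca() {  # usage: make_test_ca <dir>
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Test CA" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}
sign_request() {  # usage: sign_request <dir> <common-name>
    openssl x509 -req -in "$1/$2.req" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/$2.crt" 2>/dev/null
}

# Step 4 check: the returned certificate must chain to the CA file and must
# carry the public key that belongs to the private key created in step 1.
check_issued() {  # usage: check_issued <ca.crt> <cert> <key>; returns 0 if usable
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 || { echo "chain: FAIL"; return 1; }
    cert_pub=$(openssl x509 -in "$2" -noout -pubkey)
    key_pub=$(openssl pkey -in "$3" -pubout)
    [ "$cert_pub" = "$key_pub" ] || { echo "key match: FAIL"; return 1; }
    echo "ok"
}

# Demo run in a scratch directory.
demo() {
    d=$(mktemp -d)
    make_test_ca "$d"
    make_request "$d" vpn-server
    sign_request "$d" vpn-server
    check_issued "$d/ca.crt" "$d/vpn-server.crt" "$d/vpn-server.key"
}
demo
```

The first argument to `check_issued` should be the same CA certificate file that the OpenVPN `ca` directive points to, since that file is what the peer's certificate is validated against.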

