Get OpenVPN running.
https://openvpn.net/community-downloads/
Which you can install with sudo apt update;sudo apt install openvpn.
It needs a config file where you can embed the self-signed certificates. So that looks like (I've mushed the certificates and private key in my example).You generate your CA, cert and private key using easy-rsa and store the same client and server files on both ends in /etc/openvpn (on your raspberry). Start the OpenVPN server with sudo systemctl enable servername@openvpn; systemctl start servername@openvpn (where servername matches the name of the config file you stored in /etc/openpvn).
https://openvpn.net/community-downloads/
Which you can install with sudo apt update;sudo apt install openvpn.
It needs a config file where you can embed the self-signed certificates. So that looks like (I've mushed the certificates and private key in my example).
Code:
clientdev tunproto udpremote some-server-somewhere.com resolv-retry infinitenobindpersist-keypersist-tunremote-cert-tls servercomp-lzoverb 3<ca>-----BEGIN CERTIFICATE-----MIIF... certificate authority certificate copied here ...... some data removed for security reasons ...S-----END CERTIFICATE-----</ca><cert>-----BEGIN CERTIFICATE-----MIIFojCCBIqgAwIBAgIBDzANBgkqhkiG9w0BAQsFADCBxzELMAkGA1UEBhMCR0IxEjAQBgNVBAgTCUhhbXBzaGlyZTEUMBIGA1UEBxMLQmFzaW5nc3Rva2UxIjAgBgNVBAoTGURhcmtzaWRlIExvZ2ljIChPbmUpIEx0ZC4xGDAWBgNVBAsTD0RhcmtzaWRlOkFwb2xsbzEPMA0GA1UEAxMGYXBvbGxvMR4wHAYDVQQpExVBcG9sbG8gQ2VydCBBdXRoIChDQSkxHzAdBgkqhkiG9w0BCQEWEGRsMWltc0BnbWFpbC5jb20wHhcNMjEwNzE2MjMxNjU2WhcNMzEwNzE0MjMxNjU2WjCBwjELMAkGA1UEBhMCR0IxEjAQBgNVBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBcmtzaWRlIExvZ2ljIChPbmUpIEx0ZC4xGDAWBgNVBAsTD0xBUFRPUC0wTE8zUjRFMzEYMBYGA1UEAxMPTEFQVE9QLTBMTzNSNEUzMRAwDgYDVQQpEwdFYXN5UlNBMR8wHQYJKoZIhvcNAQkBFhBkbDFpbXNAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XUd3hmSlqpe/DKlc+CZre+8WEaEilWTsfzlQ2AF/DYjvvNhuXcRkND1jqcUfM2gbDvT7HmIW/MFZvNYRtzWwlvOc+LUCDpSMzW6HmLABGFT0KH3DLbz/HogfuY3Gbt/eBbptrQLKiMa3dx+cfiIpNrHA14MmLzrgHelqKjULIHWPMxofV3gu1/89fNOpWpU7k/p7Ualn5Ni38NMUpVr8XEilKqJpKpf7c6tCYfEUcpaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaLcjXLFTYfZiDGlhxeRd+uyE/IcHpZU0QShNtaxb0SwIDAQABo4IBmjCCAZYwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRHupoFVtSqJBsP9pc34n116iZhgjCB/AYDVR0jBIH0MIHxgBQ7BzqdwB+xYdbKdhvCKOqorwuZf6GBzaSByjCBxzELMAkGA1UEBhMCR0IxEjAQBgNVBAgTCUhhbXBzaGlyZTEUMBIGA1UEBxMLQmFzaW5nc3Rva2UxIjAgBgNVBAoTGURhcmtzaWRlIExvZ2ljIChPbmUpIEx0ZC4xGDAWBgNVBAsTD0RhcmtzaWRlOkFwb2xsbzEPMA0GA1UEAxMGYXBvbGxvMR4wHAYDVQQpExVBcG9sbG8gQ2VydCBBddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddA1HVCjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwGgYDVR0RBBMwEYIPTEFQVE9QLTBMTzNSNEUzMA0GCSqGSIb3DQEBCwUAA4IBAQDml7EYmZBhpkNJiD44VWogzYeknCYbda9o1fFfI09RAEToQ8tG4ZBlQeQIve85yp5Xo41TCkG23t/FJFcq/8l1veQZouKukO8JPESag9h3P0nMgsnkF+7rdNN1Uw84czIRxg86S4p8uKYbEegz3ppq6bYE+5D0A/+kmzUvKbCeNstD8jf1yvbVyBLOUgTYhtpirhM4BosHj2+sXqOM24MqDdN8RzfWAgLvx7HpplZI78a9D6r8wAvaV3tlBTVte6INjQuzVrXqdf5amnV8CIuuXnjh+rbQzNDQa8wkGD02hQEY5H3+W7p9EhErEGKPkdgGX1nSsJGCterfm/8iSXMT-----END CERTIFICATE-----</cert><key>-----BEGIN PRIVATE KEY-----MIIE... private key copied in here ...... some data removed for security reasons ....=-----END PRIVATE KEY-----</key>Statistics: Posted by DougieLawson — Sun Jul 21, 2024 10:54 am