.OpenVPNAS-LetsEncrypt

Summary: Configuring OpenVPN AS to use LetsEncrypt

1-steps.md

1. Run letsencrypt-setup.sh once.

2. Set up a cron job to renew the cert:

sudo EDITOR=nano crontab -e

3. This will open an editor, and paste the following in:

0 4 1 */3 * sudo certbot -q renew

and hit ctrl+o to save it

4. Done!

letsencrypt-setup.sh

#!/bin/sh

# Install LetsEncrypt Certbot and symlink it
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot


DOMAIN="mydomainnamehere.test.com"

set -eu

sudo service openvpnas stop

sudo certbot certonly --standalone --agree-tos --non-interactive \
  --email [email protected] \
  --domains $DOMAIN \
  --pre-hook 'sudo service openvpnas stop' \
  --post-hook 'sudo service openvpnas start'

sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/cert.pem /usr/local/openvpn_as/etc/web-ssl/server.crt

sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/privkey.pem /usr/local/openvpn_as/etc/web-ssl/server.key

sudo service openvpnas start