evo primjera konfiguracionog fajla za klijente OpenVPN-a:
client
dev tap
#dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name
proto udp
remote 100.103.97.87 1194 #You will need to enter you dyndns account or static IP address here. The number following it is the port you set in the server's config
route 192.168.100.0 255.255.255.0 vpn_gateway 3 #This it the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\Keys\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\Keys\\test.crt" # Change the next two lines to match the files in the keys directory. This should be be different for each client.
key "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\Keys\\test.key" # This file should be kept secret
ns-cert-type server
cipher BF-CBC # Blowfish (default) encrytion
comp-lzo
verb 1
Kao sto vidite, ovdje se moraju navesti putanje do fajlova koji sadrze sertifikate. Da li postoji nacin da se sertifikati sadrze u ovom fajlu (npr. da se navedu kao tekst)? Na ovaj nacin bi distribucija podesavanja za korisnike bila dosta laksa i svela bi se samo na kopiranje .ovpn fajla u folder Config kod klijenta.
Hvala