Openvpn Setup on Ubuntu 18.04 Bionic Beaver Linux -

Learn how to install and configure Openvpn server on Ubuntu 18.04 Bionic Beaver.
This is a companion discussion topic for the original entry at




In the client configuration example, you refer to the client.key and client.crt, where are these files generated?


Egidio Docile -> Ed

They are generated inside the “certificates/keys” directory, where “certificates” it’s the name used for the directory generated with the make-cadir command in this tutorial. It’s the same directory where the keys and certificates for the server are generated.


Cary Bielenberg

I get this when I type source vars “-su: /root/certificates/openssl-1.0.0.cnf: Permission denied” and i’m logged in as root


Matt -> Cary Bielenberg

Hey Cary, I ran into the same issue. Since the variable was previously being populated by a command, you need to remove the backticks ( ) and replace them with quotes.


Egidio Docile -> Cary Bielenberg

You should use administrative privileges only when strictly necessary. I see you are trying to generate the certificates in the /root directory, which is the “home” of root, don’t do that. Work as a normal user and generate the files inside /home/youruser.


Ricky M

Hi, the server’s CRL has expired. How can I re-generate it without having to make any changes on the clients side. I noticed that in the openssl-1.0.0.cnf file the variable “default_crl_days=” was set to just 30 days. I think this is the solution but I couldnt run it in my installation:


What error do you receive when you run the command?


‘Activating’ instead of ‘Active’ was returned after checking the server status. Any suggestions as to what could have caused this?