Install OpenVPN
sudo aptitude install openvpn
# open port 1194 (as shown here for the ufw firewall interface):
sudo ufw allow 1194
Become an Certificate Authority
Alternative to this way: Use TinyCA (there are Ubuntu packages available).
sudo mkdir /etc/openvpn/easy-rsa/
sudo cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
sudo chown -R $USER /etc/openvpn/easy-rsa/
cat << EOF | sudo tee -a /etc/openvpn/easy-rsa/vars >/dev/null
export KEY_COUNTRY="DE"
export KEY_PROVINCE="Hesse"
export KEY_CITY="Frankfurt"
export KEY_ORG="Your Organization"
export KEY_EMAIL="contact@example.org"
EOF
create the server certificates:
cd /etc/openvpn/easy-rsa/
source vars
./clean-all
./build-dh
./pkitool --initca
./pkitool --server server
cd keys
openvpn --genkey --secret ta.key
sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/
After making changes to the configuration restart the server: