We have a eFive OpenVPN server which gives me a CA cert, usernames and passwords for the account. In addition, I have a RUT550 LTE router, from Teltonika, whose OpenVPN client setting allows static authentication, or TLS authentication, the latter of which allows me to put in a CA cert and client certificate and key.
Is it possible to use the username and password authentication method provided to me, to use/convert to a client certificate and key? If so, could you please let me know how this would be possible?
Thanks!
Best Answer
It's not possible.
Client certificates have to be created by a ca the openvpn server trusts.
Update:
I now had a look at the eFive docs. It seems like eFive OpenVPN Appliance only supports password authentication for clients. OpenVPN supports client certificates, password authentification and using both together.
And, as I saw looking at the RUT550 docs: PreShared-Key auth, which is not a solution for your problem.
So the answer is: Your devices are both based on OpenVPN, but they are not compatible.
For creating client certs you need the private key (not just the public certificate) of the CA.