TurnKey OpenVPN

Resources and references

• Official OpenVPN documentation
• Official OpenVPN app for Android
• Official OpenVPN app for iOS
• TurnKey OpenVPN release notes
• TurnKey OpenVPN Usage documentation

Note to AWS Marketplace users, who have NOT enabled root:
some of these commands may require root privileges, so may need to be prefixed with sudo.

Create a client profile

openvpn-addclient client-name client-email [private-subnet]

Create auto-expiring obfuscated client profile download url

/var/www/openvpn/bin/addprofile client-name

Manually trigger deletion of expired profile download urls

/etc/cron.hourly/openvpn-profiles-delexpired

Revoke client certificate

source /etc/openvpn/easy-rsa/vars
/etc/openvpn/easy-rsa/revoke-full client-name