Make sure your package repositories and installed programs are up to date by issuing the following commands:
apt-get upgrade --show-upgraded
Begin by installing the OpenVPN software and the udev dependency with the following command:
apt-get install openvpn udev
The OpenVPN package provides a set of encryption-related tools called "easy-rsa". These scripts are located by default in the /usr/share/doc/openvpn/examples/easy-rsa/ directory. However, in order to function properly, these scripts should be located in the /etc/openvpn directory. Copy these files with the following command:
cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn
Most of the relevant configuration for the OpenVPN public key infrastructure is contained in /etc/openvpn/easy-rsa/2.0/, and much of our configuration will be located in this directory.
Configure Public Key Infrastructure Variables
Before you can generate the public key infrastructure for OpenVPN, you must configure a few variables that the easy-rsa scripts will use to generate the scripts. These variables are set near the end of the /etc/openvpn/easy-rsa/2.0/vars file. Here is an example of the relevant values:
export KEY_ORG="My Organization"