--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 26:84:6a:96:d0:db:00:70:3b:7d:c8:aa:d6:0a:5b:07
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:12:51 2019 GMT
+ Not After : Jul 14 13:12:51 2022 GMT
+ Subject: CN=akosztolanyi
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:97:d4:89:82:0c:1b:ad:c4:4b:dd:4c:19:a5:f5:
+ d8:3c:42:9d:d2:b0:0d:9e:6c:a6:a8:62:9a:bf:fd:
+ 78:9d:76:f4:02:ad:51:9f:97:12:59:bc:c1:a3:a0:
+ 17:35:76:2f:74:ea:b9:d3:72:4b:35:94:40:f3:7e:
+ b5:1c:af:51:d1:b4:d3:7a:69:3d:7f:1e:51:97:fe:
+ e3:4a:ec:01:c6:e9:89:e9:8e:b7:94:a3:72:12:6e:
+ 66:c5:a2:de:ad:27:e2
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ E9:6C:48:68:A1:BA:B9:7D:A3:9C:BF:89:F3:87:51:9B:B1:6C:9B:16
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:6c:e9:e9:01:19:c4:53:40:ff:e6:bb:36:1f:51:
+ cd:1f:40:88:1d:e2:b3:8d:61:48:5d:ec:de:f8:20:c1:21:b1:
+ 38:5e:0b:c3:f7:ae:9c:41:38:36:73:a0:06:b6:a4:55:02:31:
+ 00:cc:50:fa:3f:7a:6c:6b:90:bf:6a:c6:af:1e:94:88:b7:90:
+ 5d:b7:27:cf:b3:28:bc:ee:31:99:f0:9b:87:48:06:d2:6d:24:
+ f0:d1:ad:be:94:b8:22:64:63:0f:d0:2d:85
+-----BEGIN CERTIFICATE-----
+MIICEzCCAZmgAwIBAgIQJoRqltDbAHA7fciq1gpbBzAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMjUxWhcNMjIwNzE0
+MTMxMjUxWjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAASX1ImCDButxEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZ
+vMGjoBc1di906rnTcks1lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3IS
+bmbFot6tJ+KjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU6WxIaKG6uX2jnL+J
+84dRm7FsmxYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
+GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
+EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gA
+MGUCMGzp6QEZxFNA/+a7Nh9RzR9AiB3is41hSF3s3vggwSGxOF4Lw/eunEE4NnOg
+BrakVQIxAMxQ+j96bGuQv2rGrx6UiLeQXbcnz7MovO4xmfCbh0gG0m0k8NGtvpS4
+ImRjD9AthQ==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAAawl07oNQMZCfcl3T
+oCd6VLq2esm4lDOpS6pk79zJuxrVrgWXWZ3DJdVPE939ZZyhZANiAASX1ImCDBut
+xEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZvMGjoBc1di906rnTcks1
+lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3ISbmbFot6tJ+I=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 29:f1:f8:31:17:93:d7:58:d5:ad:0e:ce:a7:26:70:33
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:13:11 2019 GMT
+ Not After : Jul 14 13:13:11 2022 GMT
+ Subject: CN=azsamboki
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:34:0d:f3:0e:e6:05:69:f3:24:7d:ef:19:0c:ce:
+ 04:bd:24:34:e3:8c:e5:2b:7e:3f:70:39:55:9b:2e:
+ 73:fa:c6:4e:44:42:95:69:82:13:85:98:63:5a:25:
+ dc:1c:b2:32:9c:97:01:b5:fb:c4:dd:59:05:8a:ab:
+ b6:c1:b2:13:03:0a:e3:8b:e7:ea:62:c1:71:1b:4f:
+ 20:74:9c:0b:df:46:56:6c:03:d5:8c:d8:4c:02:e9:
+ 6e:62:3a:1f:b3:0e:ba
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 19:A1:EF:03:DB:DF:4F:40:2A:FD:35:E0:C9:ED:DD:75:47:2F:32:1B
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:31:00:d2:08:c6:1b:75:81:72:2e:c6:46:cd:47:11:
+ 2e:7c:3e:ba:e2:75:1c:8c:48:e1:4f:ac:61:5b:07:26:97:cc:
+ 0a:38:7f:0d:e4:63:35:c6:a5:8e:39:f3:4c:18:79:6d:0a:02:
+ 30:54:57:e5:dd:49:2b:8e:3e:89:ef:87:2f:d4:f4:ef:a3:95:
+ 2d:f5:87:5a:3a:1f:93:58:7d:c5:fe:9a:45:f1:8f:d1:44:13:
+ 30:b0:07:c0:b6:80:35:3f:b8:a8:96:c7:8c
+-----BEGIN CERTIFICATE-----
+MIICEDCCAZagAwIBAgIQKfH4MReT11jVrQ7OpyZwMzAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzExWhcNMjIwNzE0
+MTMxMzExWjAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAAQ0DfMO5gVp8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNa
+JdwcsjKclwG1+8TdWQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5i
+Oh+zDrqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUGaHvA9vfT0Aq/TXgye3d
+dUcvMhswVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
+BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
+MQDSCMYbdYFyLsZGzUcRLnw+uuJ1HIxI4U+sYVsHJpfMCjh/DeRjNcaljjnzTBh5
+bQoCMFRX5d1JK44+ie+HL9T076OVLfWHWjofk1h9xf6aRfGP0UQTMLAHwLaANT+4
+qJbHjA==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDVEmbLHw/XijB+525e
+66kG1MP6JphJr44lPXVQvIujmajoE+MTm78fNuiGTdATr9uhZANiAAQ0DfMO5gVp
+8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNaJdwcsjKclwG1+8Td
+WQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5iOh+zDro=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 46:6e:f0:8c:89:77:64:34:62:2c:ea:be:e1:df:93:68
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:13:22 2019 GMT
+ Not After : Jul 14 13:13:22 2022 GMT
+ Subject: CN=bcsoka
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:a7:95:bf:6c:8e:0f:34:9c:ca:14:8b:33:4d:80:
+ 55:98:1e:10:c3:e9:84:7f:72:4d:f2:61:68:70:59:
+ c7:6f:6d:02:c4:22:cf:58:80:e7:35:18:6e:ee:11:
+ fe:29:01:c3:ea:79:85:83:e6:0c:6f:c5:d8:7f:9f:
+ d5:55:27:7b:a8:17:14:2d:94:e5:c4:a4:9f:ac:b8:
+ 38:02:c0:41:5a:1a:8a:63:e5:c3:52:27:62:57:0b:
+ 14:6b:36:cc:8e:51:3f
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 5A:57:D9:73:6A:27:49:66:7D:18:9E:2A:96:1F:4C:49:7E:AD:9C:15
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:2b:52:16:40:fb:43:11:6a:9a:45:62:58:5b:f5:
+ 19:34:3f:32:fe:f7:d0:82:4a:32:98:61:0f:22:22:99:9a:16:
+ b3:94:79:46:fe:a2:7a:9c:9a:86:a6:31:4e:72:f4:54:02:31:
+ 00:94:2c:a6:21:e6:78:73:3e:d9:93:89:c6:72:72:8e:1d:17:
+ 87:07:27:22:2c:5d:2c:00:f1:38:1f:17:fb:0e:c1:c9:52:80:
+ 52:ba:1c:79:93:69:c1:59:0e:f0:a0:cd:76
+-----BEGIN CERTIFICATE-----
+MIICDTCCAZOgAwIBAgIQRm7wjIl3ZDRiLOq+4d+TaDAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzIyWhcNMjIwNzE0
+MTMxMzIyWjARMQ8wDQYDVQQDDAZiY3Nva2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AASnlb9sjg80nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4p
+AcPqeYWD5gxvxdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyO
+UT+jgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUWlfZc2onSWZ9GJ4qlh9MSX6t
+nBUwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
+BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
+BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMCtS
+FkD7QxFqmkViWFv1GTQ/Mv730IJKMphhDyIimZoWs5R5Rv6iepyahqYxTnL0VAIx
+AJQspiHmeHM+2ZOJxnJyjh0XhwcnIixdLADxOB8X+w7ByVKAUroceZNpwVkO8KDN
+dg==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDW2V2Xoel5TxZHAr05
+sZS3frZowpcmgSGHc5yQagP0O0qR6qZFC78bee0wsOy/fG2hZANiAASnlb9sjg80
+nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4pAcPqeYWD5gxv
+xdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyOUT8=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 6c:ec:ac:4a:d5:4f:bc:03:e4:72:a5:9b:07:27:af:32
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Oct 8 08:57:29 2019 GMT
+ Not After : Sep 22 08:57:29 2022 GMT
+ Subject: CN=bme
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:86:d3:5d:6e:be:3e:91:90:d7:a3:2c:d2:6a:2a:
+ 4f:bb:cd:52:4e:46:5b:1b:60:f0:cb:aa:5b:b4:88:
+ 71:f4:71:00:e4:b8:cb:74:ce:b8:9d:c1:fd:5c:69:
+ a7:28:66:21:43:11:4a:35:06:cb:1c:57:0b:37:9b:
+ f1:2f:78:2a:d2:1d:01:49:66:71:25:74:74:0e:be:
+ 93:75:40:6c:cb:0a:81:0e:23:7c:b7:f9:9b:e1:d0:
+ c4:d2:1c:6d:da:ca:f2
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ F9:F8:F4:23:C5:01:A0:4F:6A:66:BB:D9:A0:AB:2E:5A:4D:05:10:96
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:64:02:30:1c:97:83:ea:9d:3f:9e:9b:99:26:1f:42:df:01:
+ b0:d5:33:0b:b5:40:9d:be:20:1c:c2:ef:ab:7e:1b:14:d6:72:
+ e2:43:19:6c:ec:2b:db:cf:ab:bf:21:27:2e:4f:0f:80:02:30:
+ 7e:e7:f7:c3:21:78:67:a5:71:7b:cb:45:cd:6f:8c:07:36:de:
+ fb:77:0a:08:f6:c7:3b:06:eb:f8:37:f0:2c:06:6b:c6:2a:95:
+ 0c:02:e4:87:34:ee:f9:af:93:27:b1:b5
+-----BEGIN CERTIFICATE-----
+MIICCTCCAZCgAwIBAgIQbOysStVPvAPkcqWbByevMjAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkxMDA4MDg1NzI5WhcNMjIwOTIy
+MDg1NzI5WjAOMQwwCgYDVQQDDANibWUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASG
+011uvj6RkNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFD
+EUo1BsscVws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvKj
+gaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU+fj0I8UBoE9qZrvZoKsuWk0FEJYw
+VQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNVBAMM
+D1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0lBAww
+CgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cAMGQCMByXg+qd
+P56bmSYfQt8BsNUzC7VAnb4gHMLvq34bFNZy4kMZbOwr28+rvyEnLk8PgAIwfuf3
+wyF4Z6Vxe8tFzW+MBzbe+3cKCPbHOwbr+DfwLAZrxiqVDALkhzTu+a+TJ7G1
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDGOiNJILhTWN7SPHdY
+gpwEUN8RoQ0ZNV1vZGV8yKqoQbfc58QwZ7b1HLT95z79oeuhZANiAASG011uvj6R
+kNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFDEUo1Bssc
+Vws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvI=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ a1:74:ec:e4:d9:52:56:fa:d7:ad:43:1c:5e:3a:e2:84
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:13:36 2019 GMT
+ Not After : Jul 14 13:13:36 2022 GMT
+ Subject: CN=csgulyas
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:82:03:91:ad:e7:76:b7:8d:51:86:6d:cc:e3:15:
+ 91:6c:ac:31:e7:6d:e1:44:0d:c3:29:95:7c:5e:e1:
+ e8:37:aa:00:f6:47:74:18:e7:28:90:95:16:6c:08:
+ e2:9f:d7:24:55:46:22:1c:19:9f:06:4b:9b:8e:96:
+ 4b:5d:bb:c0:ad:35:5a:06:73:10:36:32:1d:89:e6:
+ b1:9e:f3:62:0d:8f:85:70:72:4c:48:4a:47:f0:fa:
+ eb:f6:7b:9c:7f:a8:7a
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 7E:44:12:28:E0:31:C6:7D:40:5A:E4:D5:86:5D:90:10:CC:14:12:33
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:2c:e3:e6:64:cd:43:ae:4a:9c:d7:40:66:cb:b2:
+ 1e:90:c3:97:17:32:f8:df:62:fd:54:32:d3:85:ee:bb:71:5e:
+ 4a:e2:23:ea:a4:cb:75:3a:72:ac:ca:f6:1b:f5:6b:57:02:31:
+ 00:e7:0a:38:06:b4:97:17:2c:f3:76:cc:aa:1e:6e:8d:be:12:
+ 7e:0a:ef:d6:34:fa:42:37:e1:6d:d3:bb:1f:75:39:a3:c5:40:
+ 32:37:7e:ba:c1:18:d4:cb:1b:55:62:ad:1b
+-----BEGIN CERTIFICATE-----
+MIICEDCCAZagAwIBAgIRAKF07OTZUlb6161DHF464oQwCgYIKoZIzj0EAwIwGjEY
+MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTMzNloXDTIyMDcx
+NDEzMTMzNlowEzERMA8GA1UEAwwIY3NndWx5YXMwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAASCA5Gt53a3jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZs
+COKf1yRVRiIcGZ8GS5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2
+e5x/qHqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUfkQSKOAxxn1AWuTVhl2Q
+EMwUEjMwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
+BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
+MCzj5mTNQ65KnNdAZsuyHpDDlxcy+N9i/VQy04Xuu3FeSuIj6qTLdTpyrMr2G/Vr
+VwIxAOcKOAa0lxcs83bMqh5ujb4Sfgrv1jT6QjfhbdO7H3U5o8VAMjd+usEY1Msb
+VWKtGw==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDByGpeF+ILcYFWX4cH9
+SxRUvZUkSb1ejVW5jVjfr8UyyfDaAR35ZNCZ1JLgdSWC0g2hZANiAASCA5Gt53a3
+jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZsCOKf1yRVRiIcGZ8G
+S5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2e5x/qHo=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 12:23:21:70:b0:f9:e3:c1:fe:60:d8:6e:ec:97:35:12
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:13:49 2019 GMT
+ Not After : Jul 14 13:13:49 2022 GMT
+ Subject: CN=cslevai
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:4b:d4:e1:4f:a7:5b:1e:c4:7d:40:27:19:de:bc:
+ cc:78:6b:5a:86:13:48:c4:c0:40:09:4e:1d:cd:b4:
+ f0:8d:14:2e:44:7c:8e:2d:7b:75:27:00:c4:9b:5c:
+ 71:1d:35:ff:f6:91:01:e2:3f:22:4d:f4:59:45:e4:
+ 85:61:a2:30:bb:7f:8e:7f:86:db:79:7a:da:61:00:
+ 72:3d:60:0b:3a:7b:d3:8e:43:d5:21:f9:e5:ef:01:
+ 02:48:0e:aa:07:e0:df
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ A5:71:47:49:34:D9:70:4C:8E:A6:06:51:69:AC:4D:2F:61:9F:3F:D2
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:64:02:30:79:11:b6:e8:91:42:c8:db:cd:fa:27:07:1d:5b:
+ cc:9f:b2:f3:d2:0f:79:7f:7e:83:3a:e9:4b:86:a0:ba:c1:10:
+ 9a:87:21:f0:2c:26:e9:c5:fc:fc:7c:6c:45:79:29:d3:02:30:
+ 0b:74:ab:68:f6:25:3f:d3:2b:eb:a9:13:1d:3d:b1:a8:80:9c:
+ 1f:8f:6f:de:de:2f:a7:7f:ad:5a:a5:18:29:05:99:65:5f:63:
+ 50:31:6e:78:90:e6:12:3e:83:f1:d8:b0
+-----BEGIN CERTIFICATE-----
+MIICDTCCAZSgAwIBAgIQEiMhcLD548H+YNhu7Jc1EjAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzQ5WhcNMjIwNzE0
+MTMxMzQ5WjASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAES9ThT6dbHsR9QCcZ3rzMeGtahhNIxMBACU4dzbTwjRQuRHyOLXt1JwDEm1xx
+HTX/9pEB4j8iTfRZReSFYaIwu3+Of4bbeXraYQByPWALOnvTjkPVIfnl7wECSA6q
+B+Dfo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKVxR0k02XBMjqYGUWmsTS9h
+nz/SMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
+VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNnADBkAjB5
+EbbokULI2836JwcdW8yfsvPSD3l/foM66UuGoLrBEJqHIfAsJunF/Px8bEV5KdMC
+MAt0q2j2JT/TK+upEx09saiAnB+Pb97eL6d/rVqlGCkFmWVfY1AxbniQ5hI+g/HY
+sA==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBcc3FEyoXLKwyy5rTO
+jo9SMOdGwdkwZFGBHDUYB65z/JrmvW6ArIv/XuYS3eCOg3mhZANiAARL1OFPp1se
+xH1AJxnevMx4a1qGE0jEwEAJTh3NtPCNFC5EfI4te3UnAMSbXHEdNf/2kQHiPyJN
+9FlF5IVhojC7f45/htt5etphAHI9YAs6e9OOQ9Uh+eXvAQJIDqoH4N8=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ ee:43:78:cd:16:7f:a5:7c:d5:10:b8:71:1f:5e:50:4e
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Aug 2 08:47:52 2019 GMT
+ Not After : Jul 17 08:47:52 2022 GMT
+ Subject: CN=dhorvath
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:c2:77:2a:57:01:7b:d9:0b:e0:e0:69:7e:2a:df:
+ 05:b8:91:4e:50:51:e9:52:bd:a5:fa:01:ad:62:0a:
+ 69:10:82:6f:aa:84:64:33:71:d9:96:ca:9c:05:ce:
+ d9:13:99:b0:d9:d5:4d:d9:1a:43:8c:41:d5:e7:0a:
+ ae:92:6c:f6:7f:bf:73:b6:ff:bd:a4:bb:fc:d9:0c:
+ 36:0d:e2:f4:78:24:bb:cd:ac:e9:04:d6:9c:a5:2b:
+ ce:d7:0e:85:85:10:f1
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ D7:31:77:61:74:16:36:31:0A:BF:D2:E5:EA:44:1E:FD:CE:E3:7E:26
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:66:02:31:00:cc:88:44:5d:a2:1b:e2:d5:1f:f6:17:f7:4f:
+ fe:11:b1:6a:e7:9b:cd:bb:35:21:90:9d:a5:07:e8:34:1c:b4:
+ 29:b6:a1:ff:d1:d9:d3:60:a1:04:ed:47:17:d5:81:53:bf:02:
+ 31:00:db:af:26:de:3e:0a:b9:2b:e7:43:a0:34:10:96:fb:7c:
+ 25:4a:dd:e6:82:bc:5a:f0:f9:ea:cc:10:3f:2f:18:09:eb:32:
+ f3:83:d4:49:b1:7b:30:d4:d0:3f:9c:00:75:7b
+-----BEGIN CERTIFICATE-----
+MIICETCCAZagAwIBAgIRAO5DeM0Wf6V81RC4cR9eUE4wCgYIKoZIzj0EAwIwGjEY
+MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDgwMjA4NDc1MloXDTIyMDcx
+NzA4NDc1MlowEzERMA8GA1UEAwwIZGhvcnZhdGgwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAATCdypXAXvZC+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwF
+ztkTmbDZ1U3ZGkOMQdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87X
+DoWFEPGjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU1zF3YXQWNjEKv9Ll6kQe
+/c7jfiYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
+BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYC
+MQDMiERdohvi1R/2F/dP/hGxauebzbs1IZCdpQfoNBy0Kbah/9HZ02ChBO1HF9WB
+U78CMQDbrybePgq5K+dDoDQQlvt8JUrd5oK8WvD56swQPy8YCesy84PUSbF7MNTQ
+P5wAdXs=
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAiHqPToF5VeW4qNuAu
+JwWSuOhHA5ZoB1jVj28Cxtnd2nbtrVwpIKlKOMiQy4WhyoKhZANiAATCdypXAXvZ
+C+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwFztkTmbDZ1U3ZGkOM
+QdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87XDoWFEPE=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 07:5b:cc:38:0a:a7:60:e4:33:ea:dc:63:5f:da:65:bb
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:14:04 2019 GMT
+ Not After : Jul 14 13:14:04 2022 GMT
+ Subject: CN=dvasary
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:83:4f:51:7b:f1:30:dc:76:25:db:21:fd:11:8a:
+ 39:fc:6f:4a:0f:f5:38:9d:8e:3c:18:c3:e2:b9:9a:
+ 7e:d8:25:9d:69:f1:40:f2:1c:f8:bd:7c:98:e9:1d:
+ 86:78:d0:d5:7b:b1:e6:8a:cb:44:e9:42:6c:61:c4:
+ d9:32:c5:16:f0:76:71:90:58:0f:13:f4:cb:01:02:
+ 68:fa:bb:3e:cb:24:47:e2:87:2d:f2:c6:d9:5f:b8:
+ 16:de:47:aa:bf:02:65
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 61:47:26:E4:48:A5:C7:F8:38:0A:5F:06:FE:F6:35:DC:BB:71:F1:36
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:66:02:31:00:8a:59:88:96:eb:a1:b6:5d:51:39:39:63:b6:
+ 53:c1:1e:01:ae:35:ff:3e:a5:ba:ed:17:a9:0b:2d:a9:86:c3:
+ ae:c1:47:55:9b:16:9f:d7:29:71:28:06:92:6c:da:86:75:02:
+ 31:00:b3:f1:55:67:51:44:2f:fa:5f:c0:65:ce:45:c3:ef:88:
+ f4:80:98:65:69:e5:db:7b:42:71:6f:16:f2:06:5c:ad:e1:ce:
+ fb:dc:fc:46:1f:b2:79:61:5a:c9:81:b5:24:c3
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZSgAwIBAgIQB1vMOAqnYOQz6txjX9pluzAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDA0WhcNMjIwNzE0
+MTMxNDA0WjASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAEg09Re/Ew3HYl2yH9EYo5/G9KD/U4nY48GMPiuZp+2CWdafFA8hz4vXyY6R2G
+eNDVe7HmistE6UJsYcTZMsUW8HZxkFgPE/TLAQJo+rs+yyRH4oct8sbZX7gW3keq
+vwJlo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGFHJuRIpcf4OApfBv72Ndy7
+cfE2MFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
+VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
+ilmIluuhtl1ROTljtlPBHgGuNf8+pbrtF6kLLamGw67BR1WbFp/XKXEoBpJs2oZ1
+AjEAs/FVZ1FEL/pfwGXORcPviPSAmGVp5dt7QnFvFvIGXK3hzvvc/EYfsnlhWsmB
+tSTD
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBlosRzur9E4uOwMzTj
+/x+I2VSe0jDyJr/CDV50ElawBO6bEvw4a5m2HjNW7HcAF4yhZANiAASDT1F78TDc
+diXbIf0Rijn8b0oP9TidjjwYw+K5mn7YJZ1p8UDyHPi9fJjpHYZ40NV7seaKy0Tp
+QmxhxNkyxRbwdnGQWA8T9MsBAmj6uz7LJEfihy3yxtlfuBbeR6q/AmU=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 32:06:af:0b:00:a2:dd:98:26:61:13:a2:f8:c5:f8:e7
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:14:15 2019 GMT
+ Not After : Jul 14 13:14:15 2022 GMT
+ Subject: CN=fritter
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:01:16:61:9a:29:9b:00:34:c6:d8:d0:31:87:e7:
+ 2c:fd:7a:7e:e0:6e:f7:26:1a:62:7f:d4:7d:aa:8d:
+ 0e:83:bd:c2:51:8c:cb:34:2b:3d:04:40:4f:2c:6f:
+ 8b:86:9b:7f:de:a2:79:a4:0a:03:4c:70:71:34:ba:
+ f6:f8:d1:e8:92:18:32:d6:78:3d:5d:29:5c:70:a0:
+ b6:80:7f:21:e2:63:09:57:c1:46:fd:9b:d9:7a:2a:
+ b8:13:f2:f7:83:cc:32
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ B1:1A:69:80:EF:74:B3:58:F8:3B:86:7A:86:DF:8C:50:30:56:12:04
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:66:02:31:00:da:29:1d:b3:22:d6:c9:b3:16:e6:14:41:77:
+ fb:87:e7:9c:39:0b:a4:40:42:bf:45:0a:b0:4e:53:89:c9:a9:
+ 6b:90:b7:88:85:bd:f0:9b:a0:a4:4b:fb:e3:2e:6f:d1:ff:02:
+ 31:00:82:ce:d7:ed:cd:94:17:96:d4:65:97:82:11:ae:dd:22:
+ 2c:2f:f2:64:55:ef:e7:25:c9:89:c3:bf:fc:cf:5f:c5:60:00:
+ 2c:e9:7d:36:7b:6b:b8:c0:08:c2:66:f2:f7:ef
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZSgAwIBAgIQMgavCwCi3ZgmYROi+MX45zAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDE1WhcNMjIwNzE0
+MTMxNDE1WjASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAEARZhmimbADTG2NAxh+cs/Xp+4G73Jhpif9R9qo0Og73CUYzLNCs9BEBPLG+L
+hpt/3qJ5pAoDTHBxNLr2+NHokhgy1ng9XSlccKC2gH8h4mMJV8FG/ZvZeiq4E/L3
+g8wyo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLEaaYDvdLNY+DuGeobfjFAw
+VhIEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
+VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
+2ikdsyLWybMW5hRBd/uH55w5C6RAQr9FCrBOU4nJqWuQt4iFvfCboKRL++Mub9H/
+AjEAgs7X7c2UF5bUZZeCEa7dIiwv8mRV7+clyYnDv/zPX8VgACzpfTZ7a7jACMJm
+8vfv
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDaUFU/AcO1aLWRrpXF
+pdIp3a8bUuIn0Sf/p2z+xd96uy8q/k4ldwJuAFpDqIWU7EehZANiAAQBFmGaKZsA
+NMbY0DGH5yz9en7gbvcmGmJ/1H2qjQ6DvcJRjMs0Kz0EQE8sb4uGm3/eonmkCgNM
+cHE0uvb40eiSGDLWeD1dKVxwoLaAfyHiYwlXwUb9m9l6KrgT8veDzDI=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 62:de:03:11:22:c6:4b:00:ac:33:d5:e5:8a:25:0f:ff
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:14:27 2019 GMT
+ Not After : Jul 14 13:14:27 2022 GMT
+ Subject: CN=fschnell
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:c1:66:71:37:bb:f5:b6:2c:b0:a0:d6:8c:85:2c:
+ 31:28:d1:5e:d6:23:71:ae:b7:6f:79:12:50:7a:b5:
+ 6c:ee:eb:a0:a9:9b:1a:d5:f3:5d:72:fd:cd:f1:0d:
+ 23:3f:6e:44:7b:1f:c9:8a:1e:fb:51:ad:e2:bf:c8:
+ 12:0d:d0:7a:11:de:ee:c2:6e:06:af:67:c7:51:13:
+ 8c:cf:75:9f:a9:80:42:f2:9c:5a:78:af:29:57:df:
+ b0:c1:d6:d6:3b:42:60
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ B9:32:14:86:9B:D6:96:CB:A1:D9:29:28:C4:F7:93:25:5F:2A:A1:1C
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:64:02:30:61:aa:3e:2c:c7:81:3c:56:1a:87:fe:c8:42:6a:
+ b1:61:dd:1c:6a:21:ac:81:90:ef:04:4c:2f:fc:9f:b7:75:e1:
+ b2:2a:60:f8:67:f0:9a:b4:7f:18:cd:81:68:bf:ae:1b:02:30:
+ 33:0e:e6:86:5d:2e:bc:64:4e:4c:fd:8d:05:45:a6:c0:3d:d8:
+ af:53:fa:37:2f:e5:84:8e:ea:30:80:82:60:96:8e:5d:8f:1f:
+ f2:4f:d1:f7:c0:d1:a0:19:d7:93:95:82
+-----BEGIN CERTIFICATE-----
+MIICDjCCAZWgAwIBAgIQYt4DESLGSwCsM9XliiUP/zAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDI3WhcNMjIwNzE0
+MTMxNDI3WjATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABMFmcTe79bYssKDWjIUsMSjRXtYjca63b3kSUHq1bO7roKmbGtXzXXL9zfEN
+Iz9uRHsfyYoe+1Gt4r/IEg3QehHe7sJuBq9nx1ETjM91n6mAQvKcWnivKVffsMHW
+1jtCYKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBS5MhSGm9aWy6HZKSjE95Ml
+XyqhHDBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
+HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIw
+Yao+LMeBPFYah/7IQmqxYd0caiGsgZDvBEwv/J+3deGyKmD4Z/CatH8YzYFov64b
+AjAzDuaGXS68ZE5M/Y0FRabAPdivU/o3L+WEjuowgIJglo5djx/yT9H3wNGgGdeT
+lYI=
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDJrT8LYg3Z3J0bN6Zo
+Hu+9iFCXEwyBg21YcYlkT+Ugp2+VCgT27UByvVcOCBWffvGhZANiAATBZnE3u/W2
+LLCg1oyFLDEo0V7WI3Gut295ElB6tWzu66CpmxrV811y/c3xDSM/bkR7H8mKHvtR
+reK/yBIN0HoR3u7CbgavZ8dRE4zPdZ+pgELynFp4rylX37DB1tY7QmA=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 46:9e:0b:aa:82:d0:07:b1:9d:fc:c4:87:c5:6c:9e:80
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:14:38 2019 GMT
+ Not After : Jul 14 13:14:38 2022 GMT
+ Subject: CN=ifabian
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:ba:65:94:67:08:34:86:c7:0f:94:00:5f:e2:38:
+ 5b:9e:29:5f:76:7a:87:43:5b:37:a4:44:ab:39:72:
+ be:37:0e:3f:c5:ba:55:8b:6c:bd:22:ed:74:54:88:
+ a2:1c:ec:f8:24:37:3f:b3:b2:e3:56:0e:e5:81:cb:
+ ef:48:1d:e5:ea:1f:67:51:5f:20:8b:2f:aa:fe:fe:
+ 8e:d4:be:91:28:94:b6:cc:04:74:90:72:90:10:a0:
+ 7c:42:a2:e3:4c:7f:49
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 0B:41:AE:87:A5:73:BB:DC:4E:16:2E:F3:A0:20:FA:D5:38:52:40:AA
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:1f:f9:44:c2:c2:63:91:08:c2:c8:ca:22:28:7d:
+ 9b:84:3d:d1:f7:89:43:26:b0:a6:e7:2c:e5:63:e9:bd:86:81:
+ e5:ad:1a:c2:bb:30:31:05:eb:e9:d3:71:d1:6e:c0:df:02:31:
+ 00:d3:38:d5:bb:9f:d2:a2:92:6e:0e:2a:b4:d9:d6:a9:c9:eb:
+ 5c:c9:ef:33:1c:66:d4:3c:a0:86:07:39:38:14:0c:61:8b:67:
+ 75:20:06:d8:79:0c:65:a2:2d:87:fc:00:04
+-----BEGIN CERTIFICATE-----
+MIICDjCCAZSgAwIBAgIQRp4LqoLQB7Gd/MSHxWyegDAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDM4WhcNMjIwNzE0
+MTMxNDM4WjASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAEumWUZwg0hscPlABf4jhbnilfdnqHQ1s3pESrOXK+Nw4/xbpVi2y9Iu10VIii
+HOz4JDc/s7LjVg7lgcvvSB3l6h9nUV8giy+q/v6O1L6RKJS2zAR0kHKQEKB8QqLj
+TH9Jo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAtBroelc7vcThYu86Ag+tU4
+UkCqMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
+VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjAf
++UTCwmORCMLIyiIofZuEPdH3iUMmsKbnLOVj6b2GgeWtGsK7MDEF6+nTcdFuwN8C
+MQDTONW7n9Kikm4OKrTZ1qnJ61zJ7zMcZtQ8oIYHOTgUDGGLZ3UgBth5DGWiLYf8
+AAQ=
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJtymPakZLlMwR+KYJ
+QWARrF1lWXrsteVeTa36Rx5Hj/VVVvDBIdnd6jJ8ZYtFkP6hZANiAAS6ZZRnCDSG
+xw+UAF/iOFueKV92eodDWzekRKs5cr43Dj/FulWLbL0i7XRUiKIc7PgkNz+zsuNW
+DuWBy+9IHeXqH2dRXyCLL6r+/o7UvpEolLbMBHSQcpAQoHxCouNMf0k=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 68:02:68:8c:e3:bb:71:c1:e8:67:ca:49:0a:9d:0b:4c
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:14:53 2019 GMT
+ Not After : Jul 14 13:14:53 2022 GMT
+ Subject: CN=khorvath
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:10:d0:a2:68:66:ea:40:36:f3:9d:13:e2:bc:e7:
+ 87:92:d4:ca:f2:e6:13:a9:0b:d0:92:b7:a0:24:f0:
+ e4:ce:69:08:e4:e2:c0:66:e0:2a:2a:79:06:e3:d4:
+ 33:e8:6b:94:a7:fb:71:9a:e7:9a:a1:f9:1a:3b:28:
+ 3f:3b:0c:99:5f:2e:cf:17:98:60:10:16:22:c3:1f:
+ 7e:61:62:97:85:36:0a:0a:e9:26:0e:76:c3:88:b8:
+ 8e:e4:80:78:52:b5:9c
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 42:88:C3:F8:81:2A:78:1F:C8:3F:D2:7D:BA:E9:44:09:4A:36:3A:B1
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:27:4e:d4:b0:5a:4b:af:6a:d6:a0:b7:ae:b4:57:
+ d1:dc:4e:77:9c:bf:06:c0:bd:3d:06:c3:90:7e:e4:7a:24:1e:
+ e9:a4:76:51:4b:2f:3d:8a:1c:6e:93:0d:de:b1:3c:63:02:31:
+ 00:fb:48:45:89:a8:e7:74:16:4a:1d:5e:a1:ad:b2:d3:34:9f:
+ 95:04:ed:92:1f:a8:ad:05:6f:81:ee:d0:8c:fc:9d:6c:e3:5d:
+ 5a:1b:e8:27:86:20:a0:e4:78:a2:4f:63:b3
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZWgAwIBAgIQaAJojOO7ccHoZ8pJCp0LTDAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDUzWhcNMjIwNzE0
+MTMxNDUzWjATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABBDQomhm6kA2850T4rznh5LUyvLmE6kL0JK3oCTw5M5pCOTiwGbgKip5BuPU
+M+hrlKf7cZrnmqH5GjsoPzsMmV8uzxeYYBAWIsMffmFil4U2CgrpJg52w4i4juSA
+eFK1nKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRCiMP4gSp4H8g/0n266UQJ
+SjY6sTBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
+HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
+J07UsFpLr2rWoLeutFfR3E53nL8GwL09BsOQfuR6JB7ppHZRSy89ihxukw3esTxj
+AjEA+0hFiajndBZKHV6hrbLTNJ+VBO2SH6itBW+B7tCM/J1s411aG+gnhiCg5Hii
+T2Oz
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCHVXyxB2Mu+VF6/KPn
+CMn4rSmKCw0bg6ui1SzGZj+A8F334h0AnMFdygwAWFFwjI+hZANiAAQQ0KJoZupA
+NvOdE+K854eS1Mry5hOpC9CSt6Ak8OTOaQjk4sBm4CoqeQbj1DPoa5Sn+3Ga55qh
++Ro7KD87DJlfLs8XmGAQFiLDH35hYpeFNgoK6SYOdsOIuI7kgHhStZw=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 58:5a:a9:7d:7c:ca:b5:2c:49:57:bb:bf:91:37:42:61
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Mar 26 10:41:27 2020 GMT
+ Not After : Mar 11 10:41:27 2023 GMT
+ Subject: CN=kkancz
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:16:c3:cc:4c:19:91:e6:b3:53:89:7d:7a:1e:ae:
+ 57:89:52:19:d7:e5:c7:d0:68:74:a6:0d:92:e9:09:
+ e7:81:5e:11:02:ea:87:89:20:e7:57:b1:ca:44:b6:
+ cf:5f:01:58:73:94:89:3a:0a:67:fa:9f:c8:c9:16:
+ 8d:e7:72:75:94:8d:52:de:f1:0f:47:a3:15:83:c3:
+ cd:67:c8:14:af:b2:f5:63:08:0c:25:d5:d5:0a:ba:
+ fb:9b:0f:df:e0:45:b4
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 61:CB:25:BC:82:6D:D5:01:DE:15:AF:18:59:C3:D7:34:16:B7:A6:94
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:31:00:ca:f1:79:0b:1b:e1:0f:15:b4:6e:3e:69:9b:
+ 92:a8:bc:fe:2f:5c:96:c0:ad:d7:02:97:e0:ea:f7:08:77:43:
+ 31:22:93:50:19:24:88:91:63:39:b1:1a:80:bf:9d:bf:f1:02:
+ 30:38:5b:c1:af:a7:58:0d:de:b5:19:77:00:33:31:7d:41:c5:
+ 3c:bb:b2:9e:cd:86:66:f6:1a:84:4d:80:b6:28:b5:2b:04:5f:
+ 1c:a3:49:cd:89:2d:21:0a:5f:65:eb:d0:36
+-----BEGIN CERTIFICATE-----
+MIICDTCCAZOgAwIBAgIQWFqpfXzKtSxJV7u/kTdCYTAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMjAwMzI2MTA0MTI3WhcNMjMwMzEx
+MTA0MTI3WjARMQ8wDQYDVQQDDAZra2FuY3owdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AAQWw8xMGZHms1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9f
+AVhzlIk6Cmf6n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/g
+RbSjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYcslvIJt1QHeFa8YWcPXNBa3
+ppQwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
+BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
+BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMQDK
+8XkLG+EPFbRuPmmbkqi8/i9clsCt1wKX4Or3CHdDMSKTUBkkiJFjObEagL+dv/EC
+MDhbwa+nWA3etRl3ADMxfUHFPLuyns2GZvYahE2Atii1KwRfHKNJzYktIQpfZevQ
+Ng==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC6hDj7GpCg6mhd+Ih0
+NNNHxi0brgmGC0T53l8asSES2Af/Ot8NgmKXCLncufiW/DyhZANiAAQWw8xMGZHm
+s1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9fAVhzlIk6Cmf6
+n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/gRbQ=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 39:4b:dd:54:1c:10:82:ea:c5:cd:4d:9d:fe:b6:d4:d3
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:15:02 2019 GMT
+ Not After : Jul 14 13:15:02 2022 GMT
+ Subject: CN=kkele
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:0a:e8:ed:f9:1a:f5:b6:17:d7:5f:ff:9e:9c:1e:
+ 1d:11:cf:12:7f:01:11:ca:a2:b1:e0:b5:bc:30:6b:
+ 5c:ff:5e:d2:06:2b:55:a9:0f:55:3a:ae:ee:a6:5e:
+ 74:0d:f6:43:b6:a4:1d:17:2b:0f:87:7b:c2:39:47:
+ 1d:e7:fb:e4:64:d1:00:60:bb:1c:eb:e0:40:82:8d:
+ 77:09:85:d1:1c:37:c8:3e:d5:64:51:0f:1d:71:71:
+ 04:3a:21:6c:a2:57:36
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ B0:47:56:D8:59:56:0D:E2:68:86:01:E8:12:30:4C:EF:D9:7D:EE:F7
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:31:00:df:6c:06:c1:07:aa:bb:76:58:d8:ea:dc:60:
+ ce:e0:5c:a9:32:c0:20:c9:8b:da:3b:7e:98:74:94:96:83:0e:
+ 9f:71:8f:4e:af:72:d0:49:29:06:d0:c8:e9:12:88:67:67:02:
+ 30:77:f4:e3:b5:89:dd:e6:6e:83:65:64:77:09:8e:52:2d:47:
+ 04:80:27:14:25:51:08:97:01:86:e9:23:0d:04:fa:44:89:35:
+ c4:4e:18:84:09:86:cf:5a:7b:6c:0e:09:fd
+-----BEGIN CERTIFICATE-----
+MIICDDCCAZKgAwIBAgIQOUvdVBwQgurFzU2d/rbU0zAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTAyWhcNMjIwNzE0
+MTMxNTAyWjAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BAro7fka9bYX11//npweHRHPEn8BEcqiseC1vDBrXP9e0gYrVakPVTqu7qZedA32
+Q7akHRcrD4d7wjlHHef75GTRAGC7HOvgQIKNdwmF0Rw3yD7VZFEPHXFxBDohbKJX
+NqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSwR1bYWVYN4miGAegSMEzv2X3u
+9zBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
+AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
+DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIxAN9s
+BsEHqrt2WNjq3GDO4FypMsAgyYvaO36YdJSWgw6fcY9Or3LQSSkG0MjpEohnZwIw
+d/TjtYnd5m6DZWR3CY5SLUcEgCcUJVEIlwGG6SMNBPpEiTXEThiECYbPWntsDgn9
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCZCcP1YRtj97FZBxtE
+5Axn4mV2pTI/8RH0/SBivyOK4NsnVPQeiXI1XOBgXKRafIWhZANiAAQK6O35GvW2
+F9df/56cHh0RzxJ/ARHKorHgtbwwa1z/XtIGK1WpD1U6ru6mXnQN9kO2pB0XKw+H
+e8I5Rx3n++Rk0QBguxzr4ECCjXcJhdEcN8g+1WRRDx1xcQQ6IWyiVzY=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 23:7b:c7:68:f3:7b:5c:8e:17:63:b5:67:3e:d3:10:1c
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:15:16 2019 GMT
+ Not After : Jul 14 13:15:16 2022 GMT
+ Subject: CN=mszabo
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:d4:de:f0:4a:f4:a0:8a:bd:52:97:87:c0:f5:28:
+ 87:7d:7b:4c:f3:3d:13:be:6b:f6:61:23:f8:91:fd:
+ 2a:59:db:38:2e:ec:d6:5d:21:c2:b9:e0:8c:38:36:
+ c9:bb:2c:f9:87:f3:c5:53:28:d1:94:03:d3:24:c0:
+ fa:95:b3:19:4a:42:95:94:22:11:4f:82:ea:bf:16:
+ 42:42:90:f1:9e:e9:68:48:2e:b9:db:71:be:48:4a:
+ eb:06:61:63:73:77:18
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 8B:C8:96:C9:E3:FD:F0:F2:13:BD:F3:32:17:FD:4F:40:19:3D:2A:5F
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:66:02:31:00:84:81:10:d7:e4:4f:e6:1d:de:3f:6c:9d:f9:
+ 45:2f:6c:74:c1:ce:65:da:b9:0f:56:2d:3c:08:2d:a9:62:d2:
+ ec:45:46:50:7d:da:d1:0d:73:8c:e9:57:57:3e:2d:49:14:02:
+ 31:00:9e:6a:e2:fa:4f:6d:04:6f:3f:6b:35:9e:1b:6a:94:b8:
+ 3b:f3:79:db:9b:cd:2c:84:48:e9:7a:a9:13:d2:08:b0:d0:f2:
+ c6:22:7e:87:3b:f4:6d:d0:b7:db:c4:b5:ad:5d
+-----BEGIN CERTIFICATE-----
+MIICDjCCAZOgAwIBAgIQI3vHaPN7XI4XY7VnPtMQHDAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTE2WhcNMjIwNzE0
+MTMxNTE2WjARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AATU3vBK9KCKvVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7
+LPmH88VTKNGUA9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNz
+dxijgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUi8iWyeP98PITvfMyF/1PQBk9
+Kl8wVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
+BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
+BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYCMQCE
+gRDX5E/mHd4/bJ35RS9sdMHOZdq5D1YtPAgtqWLS7EVGUH3a0Q1zjOlXVz4tSRQC
+MQCeauL6T20Ebz9rNZ4bapS4O/N525vNLIRI6XqpE9IIsNDyxiJ+hzv0bdC328S1
+rV0=
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDlaHtUEb8WUjje5qw7
+TWC4QX2Cpc2Cp9yZfsw2l18Iz5G/fwCCzsYbfOstnZyIiJahZANiAATU3vBK9KCK
+vVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7LPmH88VTKNGU
+A9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNzdxg=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ ac:b6:49:fd:c2:e3:b8:1c:54:2c:66:1f:04:12:e1:b6
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:16:25 2019 GMT
+ Not After : Jul 14 13:16:25 2022 GMT
+ Subject: CN=qqcs
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:4a:c3:a5:30:3e:35:30:99:34:68:48:48:08:05:
+ 96:c9:b4:40:cc:e5:09:81:e3:47:07:84:59:63:59:
+ f8:c5:92:7f:35:ba:68:1b:14:d2:f3:da:39:14:97:
+ e3:11:09:d8:4f:34:61:9d:b2:75:d6:73:ab:d9:eb:
+ ed:0e:e8:e5:7b:28:c6:9d:04:b1:ed:47:97:2b:d3:
+ 62:01:b3:83:e7:6c:c8:c7:11:82:f3:c8:c0:97:27:
+ 52:8d:54:da:42:98:fb
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 8B:85:13:8E:D2:D4:4D:3F:AE:DD:0D:38:D0:65:84:40:E9:2A:3F:02
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:28:fe:ea:a7:50:e0:71:a6:51:36:4e:19:42:f7:
+ 01:c4:d0:fd:a2:66:f3:4c:28:15:81:51:9d:75:33:88:3e:6e:
+ 96:02:e4:67:be:26:cf:05:81:18:c3:e6:96:7f:73:2a:02:31:
+ 00:fc:ea:f1:0c:28:55:3b:9e:d1:5f:46:c7:41:0f:da:48:c5:
+ a6:35:45:19:07:f1:ad:59:2a:ae:0b:60:c6:f3:7d:a8:af:4f:
+ 71:50:5d:bb:fb:a7:55:7c:6c:b2:ce:12:c4
+-----BEGIN CERTIFICATE-----
+MIICDDCCAZKgAwIBAgIRAKy2Sf3C47gcVCxmHwQS4bYwCgYIKoZIzj0EAwIwGjEY
+MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTYyNVoXDTIyMDcx
+NDEzMTYyNVowDzENMAsGA1UEAwwEcXFjczB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BErDpTA+NTCZNGhISAgFlsm0QMzlCYHjRweEWWNZ+MWSfzW6aBsU0vPaORSX4xEJ
+2E80YZ2yddZzq9nr7Q7o5Xsoxp0Ese1HlyvTYgGzg+dsyMcRgvPIwJcnUo1U2kKY
++6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSLhROO0tRNP67dDTjQZYRA6So/
+AjBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
+AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
+DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIwKP7q
+p1DgcaZRNk4ZQvcBxND9ombzTCgVgVGddTOIPm6WAuRnvibPBYEYw+aWf3MqAjEA
+/OrxDChVO57RX0bHQQ/aSMWmNUUZB/GtWSquC2DG832or09xUF27+6dVfGyyzhLE
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJVj3xLzZDW0wggPR3
+JPZUDXSKsfeXT+1IyjY7IKpB0Ku+jIOzCt1ma3S4iUK/F4ChZANiAARKw6UwPjUw
+mTRoSEgIBZbJtEDM5QmB40cHhFljWfjFkn81umgbFNLz2jkUl+MRCdhPNGGdsnXW
+c6vZ6+0O6OV7KMadBLHtR5cr02IBs4PnbMjHEYLzyMCXJ1KNVNpCmPs=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ f6:01:86:d6:4b:85:3a:3d:d9:f8:79:9f:b8:17:c3:01
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:15:29 2019 GMT
+ Not After : Jul 14 13:15:29 2022 GMT
+ Subject: CN=rrendek
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:ea:c4:ab:e1:24:42:91:06:17:73:d6:d9:87:17:
+ 29:a8:05:73:be:5a:54:38:3e:c9:dd:78:55:ca:e2:
+ 27:e6:44:1a:22:5b:3a:15:68:61:bf:ae:ce:05:a5:
+ c9:98:f7:a3:ff:0e:b9:db:8e:fc:15:ac:76:41:c8:
+ 6e:de:85:38:cb:1f:b1:98:41:df:4e:18:62:24:04:
+ 95:5a:16:6b:0b:fd:13:e3:26:8b:76:d3:9a:54:6c:
+ 9b:19:3c:55:de:d0:2e
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ D5:73:9E:FA:32:4C:D8:2A:E0:33:CF:15:F6:C0:D5:E9:56:5A:D0:EE
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:49:21:38:44:26:a9:96:15:98:29:c4:4f:04:25:
+ be:35:90:bc:44:00:60:0d:6a:f7:f8:d4:ed:58:ea:28:45:f2:
+ 99:33:d1:e3:2e:82:4e:04:bb:e5:27:10:ea:64:b8:83:02:31:
+ 00:c3:59:fe:dc:8a:a1:e4:d1:30:09:51:2a:d8:d2:76:af:dc:
+ 28:b2:d3:0d:ad:f3:19:91:b5:92:e6:8b:b4:77:d8:c3:87:f8:
+ 7b:39:94:ab:f2:c0:06:c1:c4:43:b8:0e:16
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZWgAwIBAgIRAPYBhtZLhTo92fh5n7gXwwEwCgYIKoZIzj0EAwIwGjEY
+MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTUyOVoXDTIyMDcx
+NDEzMTUyOVowEjEQMA4GA1UEAwwHcnJlbmRlazB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABOrEq+EkQpEGF3PW2YcXKagFc75aVDg+yd14VcriJ+ZEGiJbOhVoYb+uzgWl
+yZj3o/8OuduO/BWsdkHIbt6FOMsfsZhB304YYiQElVoWawv9E+Mmi3bTmlRsmxk8
+Vd7QLqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTVc576MkzYKuAzzxX2wNXp
+VlrQ7jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
+HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
+SSE4RCaplhWYKcRPBCW+NZC8RABgDWr3+NTtWOooRfKZM9HjLoJOBLvlJxDqZLiD
+AjEAw1n+3Iqh5NEwCVEq2NJ2r9wostMNrfMZkbWS5ou0d9jDh/h7OZSr8sAGwcRD
+uA4W
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCsxtcmrcd9xqynDZ3a
+foxPCtPVy9dGZ9GYZY0umi1aXddSZmTQLis9HcQZsg6fqpuhZANiAATqxKvhJEKR
+Bhdz1tmHFymoBXO+WlQ4PsndeFXK4ifmRBoiWzoVaGG/rs4FpcmY96P/DrnbjvwV
+rHZByG7ehTjLH7GYQd9OGGIkBJVaFmsL/RPjJot205pUbJsZPFXe0C4=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ b5:63:ff:7c:ff:87:23:f8:fd:6c:cd:82:85:1f:fa:31
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Mar 26 10:41:42 2020 GMT
+ Not After : Mar 11 10:41:42 2023 GMT
+ Subject: CN=thering
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:18:e6:74:25:a4:09:6a:83:9f:bc:71:e8:8e:c1:
+ 44:73:6c:60:17:3a:29:a4:11:40:94:9d:ad:aa:f4:
+ 37:03:cc:83:a7:28:5b:58:c8:0b:40:bf:ec:c8:83:
+ 6e:41:db:56:24:37:56:7f:ba:25:57:09:76:82:27:
+ 45:93:e9:65:25:aa:55:f1:cb:48:d8:8b:d2:65:dc:
+ 8e:51:71:e8:60:d1:2e:88:34:f4:d1:f3:c2:81:3a:
+ 36:9a:9c:08:7f:ac:c7
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ DE:BA:42:67:DA:26:9A:79:0C:E4:D7:AB:BA:DA:0A:02:71:D0:48:FE
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:31:00:87:c1:1b:d1:15:d9:85:62:f9:58:ff:0b:30:
+ a0:3b:c7:31:ca:46:0c:71:0c:55:9d:83:a3:a9:32:93:94:7a:
+ 6b:b4:54:e2:a3:e6:be:de:aa:29:bc:77:a7:9e:1b:cc:6f:02:
+ 30:66:a5:9a:15:42:7f:e4:ad:00:be:0b:73:70:20:1b:c1:65:
+ 40:15:22:28:51:8a:d1:7a:06:3a:50:2c:d2:56:0d:48:2c:7a:
+ f4:b1:63:3e:ac:7f:01:c8:ac:bc:04:ce:b9
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZWgAwIBAgIRALVj/3z/hyP4/WzNgoUf+jEwCgYIKoZIzj0EAwIwGjEY
+MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTIwMDMyNjEwNDE0MloXDTIzMDMx
+MTEwNDE0MlowEjEQMA4GA1UEAwwHdGhlcmluZzB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABBjmdCWkCWqDn7xx6I7BRHNsYBc6KaQRQJSdrar0NwPMg6coW1jIC0C/7MiD
+bkHbViQ3Vn+6JVcJdoInRZPpZSWqVfHLSNiL0mXcjlFx6GDRLog09NHzwoE6Npqc
+CH+sx6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTeukJn2iaaeQzk16u62goC
+cdBI/jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
+HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIx
+AIfBG9EV2YVi+Vj/CzCgO8cxykYMcQxVnYOjqTKTlHprtFTio+a+3qopvHennhvM
+bwIwZqWaFUJ/5K0AvgtzcCAbwWVAFSIoUYrRegY6UCzSVg1ILHr0sWM+rH8ByKy8
+BM65
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCboZiI4T9fQqhuUhZ1
+lsZw4yXdJ5COxryQGbWBWZanAdbF2JG/wNgYVcYHmU+IpEyhZANiAAQY5nQlpAlq
+g5+8ceiOwURzbGAXOimkEUCUna2q9DcDzIOnKFtYyAtAv+zIg25B21YkN1Z/uiVX
+CXaCJ0WT6WUlqlXxy0jYi9Jl3I5Rcehg0S6INPTR88KBOjaanAh/rMc=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 4b:df:84:b3:7b:17:ce:e1:09:87:9b:67:05:4b:27:91
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:15:51 2019 GMT
+ Not After : Jul 14 13:15:51 2022 GMT
+ Subject: CN=tsuhajda
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:6a:52:47:b4:82:6f:88:07:39:d2:55:37:5b:de:
+ e8:37:fd:12:c8:2e:2a:c5:b4:9b:54:cf:2b:7c:73:
+ dd:9c:89:37:d7:a9:09:50:11:bb:ae:8e:8d:3f:e7:
+ d0:c9:7e:89:f5:7f:29:28:2d:d6:49:5b:69:b9:47:
+ da:82:87:1e:a9:e8:7a:98:e2:fe:2b:b6:b0:c2:fd:
+ aa:18:af:c3:d5:b0:c3:51:8b:77:8e:4d:68:60:47:
+ 41:28:4d:30:81:4d:7c
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 60:FA:D3:CB:9A:38:0E:08:58:0C:11:BB:A1:C8:18:FB:36:31:2A:67
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:66:02:31:00:c2:3b:36:d4:ec:38:f3:3f:11:b3:74:6b:34:
+ 27:2f:bd:77:41:c1:20:55:e8:39:b5:1b:ad:04:a1:ab:ca:19:
+ 1e:31:6f:32:4e:12:80:f9:c9:fc:96:f4:7b:81:34:87:07:02:
+ 31:00:92:a4:26:4c:73:29:b6:4f:be:37:a7:98:50:33:4f:10:
+ cd:f2:a0:2d:e6:f1:dd:18:7e:0a:51:1d:81:36:5a:36:3c:17:
+ f8:d3:2c:cb:c1:16:5d:38:1d:57:97:9a:be:69
+-----BEGIN CERTIFICATE-----
+MIICEDCCAZWgAwIBAgIQS9+Es3sXzuEJh5tnBUsnkTAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTUxWhcNMjIwNzE0
+MTMxNTUxWjATMREwDwYDVQQDDAh0c3VoYWpkYTB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABGpSR7SCb4gHOdJVN1ve6Df9EsguKsW0m1TPK3xz3ZyJN9epCVARu66OjT/n
+0Ml+ifV/KSgt1klbablH2oKHHqnoepji/iu2sML9qhivw9Www1GLd45NaGBHQShN
+MIFNfKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRg+tPLmjgOCFgMEbuhyBj7
+NjEqZzBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
+HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaQAwZgIx
+AMI7NtTsOPM/EbN0azQnL713QcEgVeg5tRutBKGryhkeMW8yThKA+cn8lvR7gTSH
+BwIxAJKkJkxzKbZPvjenmFAzTxDN8qAt5vHdGH4KUR2BNlo2PBf40yzLwRZdOB1X
+l5q+aQ==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA3FfCdgRHmr7R09vcV
+oMIHICl1w6SEHkvJWvu/kgBvfUTDa+8xO6TcfLj3bcN7SUKhZANiAARqUke0gm+I
+BznSVTdb3ug3/RLILirFtJtUzyt8c92ciTfXqQlQEbuujo0/59DJfon1fykoLdZJ
+W2m5R9qChx6p6HqY4v4rtrDC/aoYr8PVsMNRi3eOTWhgR0EoTTCBTXw=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 6b:9d:83:08:3d:87:cc:88:0a:de:bc:cd:3b:5c:ef:4d
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:16:02 2019 GMT
+ Not After : Jul 14 13:16:02 2022 GMT
+ Subject: CN=zbartakovics
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:0f:68:0b:c6:8e:81:3c:ef:a7:cb:71:84:f3:84:
+ 12:e5:9c:28:13:15:e1:ab:bf:2f:92:3c:db:40:2c:
+ e5:f7:c9:61:94:d2:23:08:10:75:53:7a:ec:39:3c:
+ a1:9c:d3:73:0e:79:db:4c:15:94:77:11:a4:30:e2:
+ bc:73:fa:66:0e:17:90:e2:a3:4c:17:82:41:87:c2:
+ 94:8a:c3:28:47:40:76:76:59:c7:16:47:07:8b:ec:
+ dd:22:6c:3c:af:26:25
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 36:50:AD:4A:3A:69:D8:C0:00:F4:3C:7C:FF:B0:7D:E2:94:B9:7C:8A
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:64:02:30:7e:1a:02:39:9f:2d:c8:dd:5b:4a:2b:9a:2e:61:
+ 60:a5:e2:60:92:29:d4:7e:f2:32:5a:be:90:72:89:42:1a:74:
+ 74:72:c3:e8:32:0b:63:82:52:65:fa:2f:b3:13:4f:16:02:30:
+ 1e:a0:79:e7:55:d1:45:54:97:8d:a0:fb:50:ce:47:b0:1f:d0:
+ 78:47:21:dc:21:d1:7d:f4:1a:da:48:55:fc:43:ce:28:ae:b9:
+ 96:c0:72:2b:29:e4:61:b7:6b:9a:b2:92
+-----BEGIN CERTIFICATE-----
+MIICEjCCAZmgAwIBAgIQa52DCD2HzIgK3rzNO1zvTTAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjAyWhcNMjIwNzE0
+MTMxNjAyWjAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAQPaAvGjoE876fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVT
+euw5PKGc03MOedtMFZR3EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL
+7N0ibDyvJiWjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUNlCtSjpp2MAA9Dx8
+/7B94pS5fIowVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
+GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
+EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cA
+MGQCMH4aAjmfLcjdW0ormi5hYKXiYJIp1H7yMlq+kHKJQhp0dHLD6DILY4JSZfov
+sxNPFgIwHqB551XRRVSXjaD7UM5HsB/QeEch3CHRffQa2khV/EPOKK65lsByKynk
+YbdrmrKS
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA0fa139CTqeLKWJaqU
+GKH5EIpDoFGwek9AW9Td5BTuYxpTREQwi3vMbEZ4sULZI2ehZANiAAQPaAvGjoE8
+76fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVTeuw5PKGc03MOedtMFZR3
+EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL7N0ibDyvJiU=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certicate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
+MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
+DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
+aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
+ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
+A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
+CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
+q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 34:13:80:3e:21:7f:3b:dd:0a:af:d5:cb:0d:17:4b:3c
+ Signature Algorithm: ecdsa-with-SHA256
+ Issuer: CN=USER OpenVPN CA
+ Validity
+ Not Before: Jul 30 13:16:17 2019 GMT
+ Not After : Jul 14 13:16:17 2022 GMT
+ Subject: CN=zfelleg
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (384 bit)
+ pub:
+ 04:83:a4:95:4c:f4:18:92:47:f1:fe:26:d4:2c:3a:
+ a1:65:73:7b:ef:cd:26:ef:dc:d7:7a:dc:95:9a:8b:
+ 66:3f:e9:c9:2e:f6:ac:0a:0e:a1:8f:bd:a5:00:42:
+ 3a:30:03:9c:0a:5b:4a:c3:3c:bc:62:05:60:37:36:
+ 99:e4:e7:27:2d:ae:a9:c1:a2:57:35:8e:d2:59:77:
+ 29:16:64:50:94:16:ca:1a:19:31:1a:83:8c:41:07:
+ 7f:7d:e7:fc:98:80:73
+ ASN1 OID: secp384r1
+ NIST CURVE: P-384
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 40:51:B5:0A:53:CE:54:25:34:5C:DC:E5:70:74:B3:6F:D4:D3:01:84
+ X509v3 Authority Key Identifier:
+ keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
+ DirName:/CN=USER OpenVPN CA
+ serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: ecdsa-with-SHA256
+ 30:65:02:30:7e:24:b4:72:c8:67:13:4f:a0:ba:09:76:d0:33:
+ 36:35:d4:d0:df:e7:a5:25:25:af:ce:36:67:42:22:bf:42:fb:
+ ab:96:52:73:c1:b2:a0:58:3a:90:b1:8a:78:70:eb:c9:02:31:
+ 00:d9:4a:41:83:7a:5d:1b:6c:e2:d0:2d:b7:c3:b9:b7:11:26:
+ 90:fa:9c:cb:20:e6:c4:cf:06:65:8b:8e:6b:00:c7:ec:77:f0:
+ 85:75:17:58:0b:ef:06:8b:13:0b:57:61:25
+-----BEGIN CERTIFICATE-----
+MIICDjCCAZSgAwIBAgIQNBOAPiF/O90Kr9XLDRdLPDAKBggqhkjOPQQDAjAaMRgw
+FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjE3WhcNMjIwNzE0
+MTMxNjE3WjASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAEg6SVTPQYkkfx/ibULDqhZXN7780m79zXetyVmotmP+nJLvasCg6hj72lAEI6
+MAOcCltKwzy8YgVgNzaZ5OcnLa6pwaJXNY7SWXcpFmRQlBbKGhkxGoOMQQd/fef8
+mIBzo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFEBRtQpTzlQlNFzc5XB0s2/U
+0wGEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
+VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjB+
+JLRyyGcTT6C6CXbQMzY11NDf56UlJa/ONmdCIr9C+6uWUnPBsqBYOpCxinhw68kC
+MQDZSkGDel0bbOLQLbfDubcRJpD6nMsg5sTPBmWLjmsAx+x38IV1F1gL7waLEwtX
+YSU=
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDrR6bejMZ+YEKPLqFW
+EcqqktxOsksvQB6WL0olu99MczjNpHbWRJdzF0b1CxYYTKChZANiAASDpJVM9BiS
+R/H+JtQsOqFlc3vvzSbv3Nd63JWai2Y/6cku9qwKDqGPvaUAQjowA5wKW0rDPLxi
+BWA3Npnk5yctrqnBolc1jtJZdykWZFCUFsoaGTEag4xBB3995/yYgHM=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+ea8f1c83226838b22597668f903e9929
+6b77ff8cf2afd8d9f839344c47f85693
+d4280a82bc743e01159f17545f7d7e23
+1e91d5292c53c26c353618495b7a4013
+8df9a1de2a3278ea55ac22d1a85b11bb
+b155df61c10e835b49b2960a52840aa1
+64ea57bc98da062b695e06e3aca108c8
+d755dbd543d0d816546d7647d326aaea
+8e02195160d37f131ffe52a1f39c017e
+69fcb995e6fab1ee7a64c8b5a3946faa
+38613b3bdbdd95443a7ec3b17386dce9
+b070e4a7cb7ce59152a37985e8a7d881
+b2c1da898f177dba80e0b53e7bbf53c0
+c7431ebce43cfebc92fa4e4ac49a146c
+84ae27231334ca1dac42dea1f964d48f
+eb7313175e956356f6ecefd289864a1a
+-----END OpenVPN Static key V1-----
+</tls-auth>
https://git.useribm.hu / user-lxc.git / commitdiff