# Copy this file to /etc/certidude/template.ovpn and customize gateway IP addresses # Run as client client # tls-client; pull nobind # OpenVPN gateway(s), uncomment remote-random to load balance comp-lzo proto udp remote 1.2.3.4 ;remote 1.2.3.5 ;remote-random # Virtual network interface settings dev tun persist-tun # Customize crypto settings ;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA384 ;cipher AES-256-CBC ;auth SHA384 # Check that server presented certificate has TLS Server flag present remote-cert-tls server # X.509 business persist-key <ca> {{ca}} </ca> <key> {{key}} </key> <cert> {{cert}} </cert> # Revocation list <crl-verify> {{crl}} </crl-verify> # Pre-shared key for extra layer of security ;<ta> ;... ;</ta>