Hello, I tried today to install OpenVPN on my Openwrt Mi Router 4A, it cures when I have to generate the RSA key,
(easyrsa build-ca nopass)
it takes an eternity. Is there any way to shorten it? I tried generating and transferring files from my Macbook but it didn't work
Yes, run the key creation on a normal computer... it sounds like you did...
What didn't work? The transfer? or the the files were invalid?
Was there anything in the log that might point to the problem?
EDIT: Another option, if you don't need OpenVPN specifically, is to use WireGuard. It is super easy to configure (including key creation) and is much faster and more performant than OpenVPN.
2 Likes
But I do it via ssh on router, that's why it takes so long
Of course... that's why it is recommended to do it on a regular computer, not on the router.
- Download Easy-RSA package on your PC, edit vars file.
- Use EC (Elliptic Cryptography) instead.
What files have you generated on Macbook?
Hi.
I second @psherman on this. I have switched from OpenVPN to WireGuard lately. It's much more simpler to install and has better performance. Here's a fast tutorial.
https://r.obin.ch/blog/2022/08/05/set-up-wireguard-on-openwrt
2 Likes
I did the same on mac, and it works without any problems
brew install easy-rsa
mkdir -p /tmp/certs
export EASYRSA_TEMP_DIR="/tmp/certs"
export EASYRSA_REQ_CN="ovpnca"
export EASYRSA_CERT_EXPIRE="3650"
export EASYRSA_BATCH="1"
easyrsa init-pki
easyrsa gen-dh
Then transfer the /tmp/certs/dh.pem to your router.