##############################################

# Sample client-side OpenVPN 2.0 config file #

# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote secure.osp.pe 1194
;remote my-server-2 1194
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
;ca ca.crt
;cert client.crt
;key client.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
<ca>
-----BEGIN CERTIFICATE-----
MIIEpDCCA4ygAwIBAgIJANiJXxjAegqtMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYD
VQQGEwJQRTELMAkGA1UECBMCTEkxDTALBgNVBAcTBExpbWExDDAKBgNVBAoTA09T
UDERMA8GA1UECxMIU2lzdGVtYXMxFjAUBgNVBAMTDXNlY3VyZS5vc3AucGUxDzAN
BgNVBCkTBnNlY3VyZTEdMBsGCSqGSIb3DQEJARYOZ29uemFsb0Bvc3AucGUwHhcN
MTUxMjA1MTczNzUxWhcNMjUxMjAyMTczNzUxWjCBkjELMAkGA1UEBhMCUEUxCzAJ
BgNVBAgTAkxJMQ0wCwYDVQQHEwRMaW1hMQwwCgYDVQQKEwNPU1AxETAPBgNVBAsT
CFNpc3RlbWFzMRYwFAYDVQQDEw1zZWN1cmUub3NwLnBlMQ8wDQYDVQQpEwZzZWN1
cmUxHTAbBgkqhkiG9w0BCQEWDmdvbnphbG9Ab3NwLnBlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxLU8dNLVa8XU5y/q7S0Zmyl6okW7fym8hu+le7Cp
3pdVgacwSCSzChHWpjXswOKKn0zUKPjBEpJG34i9WGFMWBwKBnExkAKPnC2yWjTM
thNoxuUpL3FYQIr7xWaq/wFtChKUpixd1i+8vi53Wi39zf5HnpksH411yUMZlIMc
jYIxQ6D0/6AZyirUjHoeG+5XBfkzDvUfr07SUFCWM/hwyquG2a8g8ydvQX21WGo2
lCB/B2reYtpc0dDyHQdqeYBNcEeha8XttDobuEGONrb3ans1mvqTTVc1jYKvxXFs
SYQPXZ/Rk48hNUKe0BW/5qemSDpwzzasB5qzXoRxdDrRmQIDAQABo4H6MIH3MB0G
A1UdDgQWBBSRn/NE79oAt7pZLTxEULttusFG5jCBxwYDVR0jBIG/MIG8gBSRn/NE
79oAt7pZLTxEULttusFG5qGBmKSBlTCBkjELMAkGA1UEBhMCUEUxCzAJBgNVBAgT
AkxJMQ0wCwYDVQQHEwRMaW1hMQwwCgYDVQQKEwNPU1AxETAPBgNVBAsTCFNpc3Rl
bWFzMRYwFAYDVQQDEw1zZWN1cmUub3NwLnBlMQ8wDQYDVQQpEwZzZWN1cmUxHTAb
BgkqhkiG9w0BCQEWDmdvbnphbG9Ab3NwLnBlggkA2IlfGMB6Cq0wDAYDVR0TBAUw
AwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEEN15hZaMxlUoUw4pj+/OVr7AbwtJLRE
H76hcOT0ko3D3I+AbpwkKQUttjD2y4H6erhjXir7eDdr3lUQmPSJqHDTPX+F9PzV
EtJkRzNkmHcPLx771OBQ8uwo2TEw/WD8QPBX6aDP6wuNShBjQGNc6idexF4nYXTt
8rJrhTTdv9gGO07WrRsGnpjNy3As+3nc/MsPBDLa8e8BarGrEigv8YNsRD25oWfV
uSVbV4xI8SfWuxurY8ZGeVgKp44+5rat5046M9fljwq1CrxsM4Eskjuh6K8Vf1Y5
1ertn73HYdtB1v9onVVDazleWWzZIgyL9LIbHmsDrvbIRVeqSjyL0g==
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=PE, ST=LI, L=Lima, O=OSP, OU=Sistemas, CN=secure.osp.pe/name=s
ecure/emailAddress=gonzalo@osp.pe
Validity
Not Before: Jan 25 23:44:13 2016 GMT
Not After : Jan 22 23:44:13 2026 GMT
Subject: C=PE, ST=LI, L=Lima, O=OSP, OU=Sistemas, CN=fernando/name=secur
e/emailAddress=fm@osp.pe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:aa:5b:22:8a:91:1c:33:75:2c:bf:67:b5:73:
e8:c4:0c:6c:49:de:f9:8d:00:02:0c:07:1b:3b:53:
87:a9:bb:30:e2:80:a9:98:07:5e:75:a3:3e:ff:73:
ed:94:66:22:d6:19:9d:71:e5:8f:c5:34:3d:5d:1f:
10:8d:94:e0:c1:fe:fa:55:18:58:90:9a:2d:0b:ce:
90:a5:3b:b2:a5:77:5e:99:dd:31:23:47:ae:06:2c:
5e:48:be:36:05:5a:d6:96:d5:b5:88:fa:52:a9:db:
4b:25:78:32:03:c1:c4:11:1d:0c:a7:18:86:ed:71:
d3:77:90:93:f7:46:e2:24:e9:fc:dc:8d:ec:ef:bb:
d9:2b:74:c0:6d:bb:51:76:16:53:81:82:67:b5:5b:
8a:3b:81:e0:88:0b:21:19:d2:19:f1:8d:cc:eb:b8:
 ab:b4:44:52:cd:e1:c0:13:e8:49:85:49:1f:c3:7e:
8f:be:12:11:4d:85:73:82:ec:ef:f2:d3:5c:36:4e:
69:b2:38:5e:dd:a1:84:f2:da:3f:d5:1a:f3:27:12:
67:b0:27:db:78:5c:b1:5e:cb:2a:1d:26:dc:7d:dc:
9f:6c:9d:9c:9c:e6:88:6f:a1:7a:2e:1e:6b:2d:53:
7a:07:17:5b:3c:55:26:19:7c:e4:e1:ba:57:52:48:
18:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
ED:6F:E4:15:A5:39:24:D2:28:E2:A7:19:F5:5F:0E:F3:44:F6:B8:CC
X509v3 Authority Key Identifier:
keyid:91:9F:F3:44:EF:DA:00:B7:BA:59:2D:3C:44:50:BB:6D:BA:C1:46:E
6
DirName:/C=PE/ST=LI/L=Lima/O=OSP/OU=Sistemas/CN=secure.osp.pe/na
me=secure/emailAddress=gonzalo@osp.pe
serial:D8:89:5F:18:C0:7A:0A:AD
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:fernando
Signature Algorithm: sha256WithRSAEncryption
83:da:3d:6e:51:eb:c5:19:6d:0b:2e:fa:3f:24:cb:e0:af:bf:
8c:5f:b4:a7:1d:b6:80:13:d1:a1:5a:84:dd:96:ef:a6:fe:1e:
98:45:e6:8a:33:9a:a6:69:fc:80:90:65:9e:e6:53:31:bb:b8:
75:38:90:3d:02:bd:ef:34:e9:08:4c:1e:91:63:15:66:24:bf:
63:eb:f9:f2:6c:a8:ab:bb:7b:2a:97:15:fd:7f:94:8a:de:54:
9a:e5:62:2a:53:13:c1:20:14:96:53:8c:ed:b6:ee:c0:04:f8:
6f:cc:02:a1:f8:0f:36:95:f2:84:17:02:11:45:3d:08:cd:ee:
06:e8:bc:eb:12:e4:d1:72:a6:c0:65:39:95:4e:da:0b:19:2c:
4e:cb:1d:be:9b:ab:79:60:1b:cd:4b:69:47:67:20:2c:6e:44:
0d:04:dc:a5:c9:94:e5:f8:6d:2d:56:4d:29:c4:68:02:68:53:
d2:a0:be:38:a3:91:c5:77:a0:c2:fc:91:f2:f4:c2:66:28:8d:
31:8f:3d:62:a7:11:cc:00:c4:5a:8c:c3:78:5f:1d:5d:cf:03:
64:2b:ee:ea:31:a5:70:65:72:82:19:bd:06:b1:b3:71:3b:58:
9c:cb:8d:07:66:34:93:7e:d2:01:9e:fb:b2:a9:b5:3c:60:08:
ea:20:db:89
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCUEUx
CzAJBgNVBAgTAkxJMQ0wCwYDVQQHEwRMaW1hMQwwCgYDVQQKEwNPU1AxETAPBgNV
BAsTCFNpc3RlbWFzMRYwFAYDVQQDEw1zZWN1cmUub3NwLnBlMQ8wDQYDVQQpEwZz
ZWN1cmUxHTAbBgkqhkiG9w0BCQEWDmdvbnphbG9Ab3NwLnBlMB4XDTE2MDEyNTIz
NDQxM1oXDTI2MDEyMjIzNDQxM1owgYgxCzAJBgNVBAYTAlBFMQswCQYDVQQIEwJM
STENMAsGA1UEBxMETGltYTEMMAoGA1UEChMDT1NQMREwDwYDVQQLEwhTaXN0ZW1h
czERMA8GA1UEAxMIZmVybmFuZG8xDzANBgNVBCkTBnNlY3VyZTEYMBYGCSqGSIb3
DQEJARYJZm1Ab3NwLnBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
xqpbIoqRHDN1LL9ntXPoxAxsSd75jQACDAcbO1OHqbsw4oCpmAdedaM+/3PtlGYi
1hmdceWPxTQ9XR8QjZTgwf76VRhYkJotC86QpTuypXdemd0xI0euBixeSL42BVrW
ltW1iPpSqdtLJXgyA8HEER0MpxiG7XHTd5CT90biJOn83I3s77vZK3TAbbtRdhZT
gYJntVuKO4HgiAshGdIZ8Y3M67irtERSzeHAE+hJhUkfw36PvhIRTYVzguzv8tNc
Nk5psjhe3aGE8to/1RrzJxJnsCfbeFyxXssqHSbcfdyfbJ2cnOaIb6F6Lh5rLVN6
BxdbPFUmGXzk4bpXUkgYiwIDAQABo4IBXjCCAVowCQYDVR0TBAIwADAtBglghkgB
hvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
BBTtb+QVpTkk0ijipxn1Xw7zRPa4zDCBxwYDVR0jBIG/MIG8gBSRn/NE79oAt7pZ
LTxEULttusFG5qGBmKSBlTCBkjELMAkGA1UEBhMCUEUxCzAJBgNVBAgTAkxJMQ0w
CwYDVQQHEwRMaW1hMQwwCgYDVQQKEwNPU1AxETAPBgNVBAsTCFNpc3RlbWFzMRYw
FAYDVQQDEw1zZWN1cmUub3NwLnBlMQ8wDQYDVQQpEwZzZWN1cmUxHTAbBgkqhkiG
9w0BCQEWDmdvbnphbG9Ab3NwLnBlggkA2IlfGMB6Cq0wEwYDVR0lBAwwCgYIKwYB
BQUHAwIwCwYDVR0PBAQDAgeAMBMGA1UdEQQMMAqCCGZlcm5hbmRvMA0GCSqGSIb3
DQEBCwUAA4IBAQCD2j1uUevFGW0LLvo/JMvgr7+MX7SnHbaAE9GhWoTdlu+m/h6Y
ReaKM5qmafyAkGWe5lMxu7h1OJA9Ar3vNOkITB6RYxVmJL9j6/nybKiru3sqlxX9
f5SK3lSa5WIqUxPBIBSWU4zttu7ABPhvzAKh+A82lfKEFwIRRT0Ize4G6LzrEuTR
cqbAZTmVTtoLGSxOyx2+m6t5YBvNS2lHZyAsbkQNBNylyZTl+G0tVk0pxGgCaFPS
oL44o5HFd6DC/JHy9MJmKI0xjz1ipxHMAMRajMN4Xx1dzwNkK+7qMaVwZXKCGb0G
sbNxO1icy40HZjSTftIBnvuyqbU8YAjqINuJ
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDGqlsiipEcM3Us
v2e1c+jEDGxJ3vmNAAIMBxs7U4epuzDigKmYB151oz7/c+2UZiLWGZ1x5Y/FND1d
HxCNlODB/vpVGFiQmi0LzpClO7Kld16Z3TEjR64GLF5IvjYFWtaW1bWI+lKp20sl
eDIDwcQRHQynGIbtcdN3kJP3RuIk6fzcjezvu9krdMBtu1F2FlOBgme1W4o7geCI
CyEZ0hnxjczruKu0RFLN4cAT6EmFSR/Dfo++EhFNhXOC7O/y01w2TmmyOF7doYTy
2j/VGvMnEmewJ9t4XLFeyyodJtx93J9snZyc5ohvoXouHmstU3oHF1s8VSYZfOTh
uldSSBiLAgMBAAECggEAMVXO6gYFQT6aI7GovIv7SuxW3AVubZCJ8Zi2L4Zv0zu0
SRtwgluaHpaap2+PmWG/1vFngwhiKrPtZTm4r6BALIz4d7djDw3qj9sNWqs3kxXQ
vV8Lu9oqIkhUZbYuzief0LdjrI+Vha76u2Rc70foO+O956UUpNS2kiOqSyckM8wj
vx+3X731J3lc9WHPK9qYzlVskcYRgpDih4JkoEmXwIN6S4IAeC9X3Uch6RSZgL1D
zuAddYEKq67OBdeOF3Ksy+se87aUS3uG1obPw7L2OmZfQr2T4w1iKqV8Gu/q0Mna
hFB1NAJQHGsYJByVOGJTa6Epetzuy+N+ZuGXxjne2QKBgQDnOXn9zslwcGodg2qK
/EEt1jY6p8TIEKzhEAg45U/Dw5pSFrzv7nSPgUnW1eMDROuzbnFNoYKKYE1inQvA
TrAlBa17kTqTO+i4sANtvFCmZjO1A8lz+qVMMvJZ8n2xO9MIupZvQ2mrQ31CvyFe
jY8Eqo4GDGGQUxNCO4566V6xrQKBgQDb88eHAcgA7ITVTSYHddtNg29dXxcDd4IB
vk7xKQns8kz4AjucqBHbq53CcxmimEgVzR4NYETXBr2hjaifksKNlWTgXjfyo+k9
e3Sluy/6Ntk6t541pk9zQ7riL6mY+hRb0RQpZOI1S0x1vEXHKZkEJ+lgUtFQxZsZ
u3wulZbqFwKBgGhmzE0sTEoHh/JRfw7IPUnL+epcC/7lgJmSWpQN/gj/TbOY7rBK
87hEASoOoxS7zszSpjgOH9oJB4fqLv8iyGe++4jalx8ZoseZOcMXjzbC2L/3uMM0
PeR88G5qjhQzVeMQFJKiVpjsvSchE5kUw6mwtLXIa1j2GbEDIR8gNhB1AoGAWzeH
WOMROejc0cTz74YeE9BdYACuf56RSP3OqU7WsfBuoS/z3u0IsuxCOcEYMYkr4/az
7uIsymweOqCP/NWVX7hEJJSOaU82zGulnZG6vO8AOcyqjR9Stb+yAlm34RxdUxKr
ZNtUwLtgkzcoTQdgUQvoSi0uZ2v7/bj2MC+TbbMCgYBPDFRGsai7MurOcbnUL357
tB2jzSOLYgRU436bfleTChqXGdYvj/mJ4KvS0xu5juyfk7vvuClN9Ukr23MQxNWk
g7TqVJ6MqHRtXAOUkrODV5OdAstLGkWMJguMFCcONMvuffqKIu8DicujKWCUKAs+
TikFj720boQGnNc4Bf7/+w==
-----END PRIVATE KEY-----
</key>