Secondary OpenVPN server needs to trust client certificates

I have an OpenVPN server set up on W2K3 and working fine with certificate (static) authentication.  I am setting up a second OpenVPN server for failover.  How do I get the secondary server to trust the client certificates that were generated on the primary server (with easy-rsa)?  I do not have a separate CA and don't want to use one so that the secondary server will still work if it can't connect to a CA (or the failed primary).

Thanks,
-Rich
rdyazAsked:
Who is Participating?
 
Dave HoweConnect With a Mentor Software and Hardware EngineerCommented:
OpenVPN servers need to have the CA cert (Not the key, just the cert) for the issuer of each client cert they must trust.
Just copy it from the config of the first server.
0
 
rdyazAuthor Commented:
Ok it worked--that was a lot easier than I was making it.  Thanks!
0
All Courses

From novice to tech pro — start learning today.