Secondary OpenVPN server needs to trust client certificates
Posted on 2014-07-24
I have an OpenVPN server set up on W2K3 and working fine with certificate (static) authentication. I am setting up a second OpenVPN server for failover. How do I get the secondary server to trust the client certificates that were generated on the primary server (with easy-rsa)? I do not have a separate CA and don't want to use one so that the secondary server will still work if it can't connect to a CA (or the failed primary).