Setup OpenVPN & SSTP Protocols
Our VPN server already supports L2TP/IPsec and SoftEther SSL-VPN out of the box, but if you want to use OpenVPN and SSTP protocols too, we’ll need to do some more configuration (if you don’t want to use these additional protocols, skip this page and move on to: Install & Setup dnsmasq, Setup IPTables.
OK let’s get started, if you’re not already logged on to your VPN server via Server Manager, do so now, then click on the Encryption & Network button.

We need to create a new CA Certificate for encryption purposes, but the one automatically generated by SoftEther won’t work because earlier we disabled DDNS making the hostname incorrect. Look for the “Server Certificate Settings” heading and click the New button.

Now we can create a new CA Certificate by filling out the form, the most important field is “Common Name:” which must be your VPS IP address, the other details are not so important because this is a self-signed certificate which will only be used between you and your server. Make sure the “Certificate Type:” option is set to Root Certificate (Self-Signed Certificate), then fill out the form as follows, and/or see the images further below:
- Common Name (CN): [your_vps_ip_address]
- Organization (O): [anything_fictional_company_name]
- Organizational Unit (OU): Security Dept.
- Country (C): [your_country]
- State (ST): [your_state]
- Locale (L): [your_city]
- Serial Number (SN): [leave_blank]
- Expires in: 3650
- Strengthness: 2048
Once you’ve filled out the form, click OK, then Yes to the alert.


Now click OK on the “Encryption & Network Settings” window to finalize the new CA Certificate, then click OK to the alert box.


Export .CRT .OVPN Config Files
In order to use both OpenVPN and SSTP, we need to export the CA certificate and OpenVPN configuration files, so click on Encryption & Network button again.

Go to your info.txt file and copy your VPS’ IP address to clipboard, then click on the Export button.

Make sure the “Save Method” is set to Save as X509 Certificate (.CER) and Private Key File (.KEY) option, then click OK.

When the Save as file dialog appears, click Documents on the left window pane, then navigate to your VPNGuide folder and enter it. Paste your VPS IP address into the filename box then type .crt for the file extension (important!).

For the .KEY file leave the name as your VPS’ IP address and just click Save, then OK to the advisory alert box..


OpenVPN Configuration File
SoftEther can automatically generate a fully configured .OVPN file for us. Open up SoftEther Server Manager and click the OpenVPN / MS-SSTP Setting button.

Go to your info.txt file and copy your VPS’ IP address to clipboard. Now click the Generate a Sample Configuration File for the OpenVPN Clients button.

The server will then generate an OpenVPN config file. When the Save As file dialog window appears, click on Documents on left window pane, then navigate to your VPNGuide folder, save the file as your VPN servers IP address with a .zip extension, then click Save.

An advisory dialog will popup asking if you want to open the Zip file now, click No then click OK to close the OpenVPN / MS-SSTP Settings window.

That has finished this optional OpenVPN/MS-SSTP section, so you can move onto: Install & Setup dnsmasq, Setup IPTables.
Leave a Reply