Last Updated: February 25, 2016
·
4.527K
· christurnbull

CentOS 7 and legacy openVPN

CentOS 7 no longer supports MD5, which is a good thing.
But not so great if your still using certificates with MD5 encryption for openVPN as it will fail to connect. Here's a workaround to get it working.

yum install openvpn
cd /etc/openvpn
mv client.conf service.conf

systemctl enable openvpn@service.service

Add this:

[Service]
Environment="OPENSSL_ENABLE_MD5_VERIFY=1 NSS_HASH_ALG_SUPPORT=+MD5"

to /usr/lib/systemd/system/openvpn@.service

systemctl daemon-reload
systemctl restart openvpn@service.service