How to install OpenVPN on Windows 7 using Certificates


To install OpenVPN on Windows 7, go on the OpenVPN website, in the community downloads, and download the Windows Installer.

Once it is downloaded, do not run it just yet. Open the download location, right click on the file and choose properties. Go to the compatibility tab and set it compatibility to Windows Vista SP1 and tick the checkbox at the bottom that say ‘Run this program as an administrator’, Click OK which will close this dialog

Finally, right click on the Windows Installer file for the OpenVPN installation package and choose ‘Run as an Administrator’

Proceed with standard installation and accept any popup about signed or unsigned drivers if there is any.

Tutorial topology

OpenVPN Server IP Address:
Client Internet IP Address:

(Important, make sure it matches these values, change it later)
Client ABC Local Subnet before OpenVPN:
Client ABC Local Router IP Address:
Client ABC Local IP Address:

CA Certificate filename: ca.crt
Client ABC Certificate filename: client-abc.crt
Client ABC Key filename: client-abc.key

Client Certificates file:

The client certificate, the client key and the CA certificate must be copied into the client computer, especially in the OpenVPN config folder, located at:

"C:\Program Files (x86)\OpenVPN\config\" for 64 bits
"C:\Program Files\OpenVPN\config\" for 32 bits

To generate the client abc certificate and key, and that you have followed our tutorial on how to setup the openvpn service on CentOS, you can run the following command and then copie (not move), the generated client certificate and key, with the CA cert to the OpenVPN config folder, stated above:

cd /etc/openvpn/easy-rsa/2.0/
source vars
/etc/openvpn/easy-rsa/2.0/build-key client-abc

Client Configuration file:

By default the file do not exist, so open a new notepad, and save it at this location:

"C:\Program Files (x86)\OpenVPN\config\client-abc.ovpn" for 64 bits
"C:\Program Files\OpenVPN\config\client-abc.ovpn" for 32 bits

Then copy the following configuration inside and save the file:

 dev tun
 proto udp
 resolv-retry infinite
 remote 1723
 ca ca.crt
 cert client-abc.crt
 key client-abc.key

 # Uncomment the following line if you want by example that your openvpn client,
 # Which should be on the subnet to be be able to access and route
 # traffic to the subnet on the side of the OpenVPN Server,
 # assuming you have put the proper needed firewall / iptables rules.
 # route

 verb 3