On our current basic OpenVPN (on Windows) setup, we are using common client certificates for all clients. In order to introduce some kind of security, what are the possible measures I can make ? Alongside the following option ?
- Can I remotely replace client.cert file on client (through openVPN connection - upload custom client.cert file to the client from server) ?
Secondly:
- Can we change static Virtual IP settings in client.ovpn config file remotely (through openVPN connection) ? So that first time client may connect to openVPN server with any virtual IP and then some application (maintaining virtual IPs) may set an available Virtual IP in client.ovpn ?