Thursday, February 21, 2013

Deploying OpenVPN

Problem: When deploying OpenVPN I can use the /S switch to silence the installer but Windows will prompt to trust the driver manufacturer when it attempts to install the TAP interface. I can use a third party tool to turn off Windows drivers signing, or just do the right way.

Solution: Add the OpenVPN certificate to Trusted Publishers before installing OpenVPN.

Install OpenVPN on your test box . When prompted check the box for "Always trust content from this publisher"
Start the Certificate Manager snap-in and export the "OpenVPN Technologies Inc." certificate. I used the .cer format.
Use certutil to install the .cer prior to installing OpenVPN.
certutil -addstore TrustedPublisher openvpn.cer
openvpn-*.*.*.exe /S

References:

No comments: