hi guys,
I have question regarding setup OVPN server on mikrotik, How Can I config it for OpenVPN GUI?
What is this?

[admin@Moja-test] /certificate> print
Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa
0 KR name=”cert1″ subject=C=SE,ST=NA,O=FortFunston,CN=server,emailAddress=mail@host.domain
issuer=C=SE,ST=NA,L=SanFrancisco,O=FortFunston,CN=CA,emailAddress=mail@host.domain serial-number=”01″ email=mail@host.domain
invalid-before=mar/05/2009 20:38:30 invalid-after=mar/03/2019 20:38:30 ca=yes

How can make certificate and upload it to mikrotik?

Best Regards,

You can use startssl.com to create both the private key and certificate for openVPN ... or you can set up a CA on your computer and generate the certificates yourself (http://openvpn.net/index.php/open-sourc ... howto.html)

Import both key and certificate under system certificates

You will need to include the CA certificate that you generate or download from startssl.com with the openvpn configuration file.

I cannot help you with the actual openvpn server configuration and the openvpn configuration files ... there are many examples of them on this forum.

However I must say that OpenVPN server support in ROS 4.x-5.x is beta at best:
1, I have not found a way to propagate the default route to clients (so you have to add 60-80 route commands to the configuration files to route everything through the openvpn interface except the openvpn server IP) ... the methods that work elsewhere refuse to work with ROS.
2, OpenVPN breaks a lof of your configuration ability in winbox (missing and spurions network interfaces)
3, OpenVPN will lock up from time to time, so you need to restart the router every few days, depending on load.

GL