why the default setup if you create a VPN with openvpn on NS don’t use a server verification method?
WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
I think we can consider it a misconfiguration.
But before changing it, we should check if server certificate verification can work with self-signed certs.
i think that generating the ta.key on the server enable tls-aut on both side, and adding the on the .ovpn file might work without problem 
1 Like