Question

Does my 1-click OpenVPN droplet need SSL to be secure?

Posted September 10, 2019 241 views
Security VPN Ubuntu 18.04

I have a 1-click OpenVPN droplet, but when I go to the admin panel (https://[my-ip]/admin) it’s not using SSL. Does it need SSL to be secure, like if I connect to it from my phone is the traffic encrypted and/or secure? I figured the 1-click droplet should have everything pre-installed and set-up. I have a basic understanding of how VPN’s work but this is something I’m not sure about.

Add a comment
45d4f99a36b3f0f7090dbdd03bb5d544712037a2
By:
Buscedv
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
baraboom September 12, 2019

Hi,

This connection, https://[my-ip]/admin, will be encrypted - note the “https” at the beginning. The OpenVPN 1-Click option ships with what is known as a “self-signed” SSL certificate which most browsers do not trust. This is why the “page might not be trusted or secure” warning comes up when you try to visit a site with a self-signed cert. The data will still be encrypted, though.

If this was a commerce site or something you’d want to be highly accessible by more than yourself then you’d probably want to take a look at LetsEncrypt and setting up a free, “signed” SSL cert.

If this is just you accessing the admin and you trust that it is your Droplet, then there’s no technical need to change what you have.

Hope this helps, if you have any other questions or feedback please let us know.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help