Question
Does my 1-click OpenVPN droplet need SSL to be secure?
- Posted September 10, 2019
- VPNSecurityUbuntu 18.04
I have a 1-click OpenVPN droplet, but when I go to the admin panel (https://[my-ip]/admin) it’s not using SSL. Does it need SSL to be secure, like if I connect to it from my phone is the traffic encrypted and/or secure? I figured the 1-click droplet should have everything pre-installed and set-up. I have a basic understanding of how VPN’s work but this is something I’m not sure about.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi,
This connection, https://[my-ip]/admin, will be encrypted - note the “https” at the beginning. The OpenVPN 1-Click option ships with what is known as a “self-signed” SSL certificate which most browsers do not trust. This is why the “page might not be trusted or secure” warning comes up when you try to visit a site with a self-signed cert. The data will still be encrypted, though.
If this was a commerce site or something you’d want to be highly accessible by more than yourself then you’d probably want to take a look at LetsEncrypt and setting up a free, “signed” SSL cert.
If this is just you accessing the admin and you trust that it is your Droplet, then there’s no technical need to change what you have.
Hope this helps, if you have any other questions or feedback please let us know.
