Posted September 21, 2020 2.6k views
UbuntuVPNUbuntu 20.04

I followed the tutorial
My server is ubuntu-20-04 as well as my CA server. All are up to date.

Step 11 — Creating the Client Configuration Infrastructure
The introduces tls-crypt into the client1.ovpn configuration file.
RE: sudo openvpn –config ~/client-configs/files/x530.ovpn

I believe my error:
Options error: –tls-auth and –tls-crypt are mutually exclusive
I could change the script, to remove all occurances of tls-crypt, is that correct?

Thanks for any help,

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Hi @dwbauer,

This is a commonly faced issue. –tls-crypt also includes authentication, and thereby makes –tls-auth redundant. Having said that, it’s up to you which one to use.

Additionally, once you decide which to use, you need to pick just one. The catch is that unlike encryption, the server and client profiles must match in their usage of tls-auth or tls-crypt.


by Jamon Camisso
OpenVPN is an open-source Virtual Private Network (VPN) application that lets you create and join a private network securely over the public Internet. In this tutorial you will learn how to install and configure OpenVPN on an Ubuntu 20.04 Focal server using Elliptic Curve Cryptography (ECC) for a modern and secure VPN configuration. You will also learn how to connect Windows, macOS, iOS, Android and Linux clients to your VPN.