Chocolatey Community Coffee Break

Join the Chocolatey Team on our regular monthly stream where we discuss all things Community, what we do, how you can get involved and answer your Chocolatey questions.

Learn More

Chocolatey Product Spotlight

Join the Chocolatey Team on our regular monthly stream where we put a spotlight on the most recent Chocolatey product releases. You'll have a chance to have your questions answered in a live Ask Me Anything format.

Learn More

Announcing Chocolatey Central Management 0.10.0

Livestream from
Thursday, 06 October 2022

We recently released our largest update to Chocolatey Central Management so far. Join Gary and Steph to find out more about Chocolatey Central Management and the new features and fixes we've added to this release.

Watch On-Demand
Chocolatey and Intune Overview

Webinar Replay from
Wednesday, 30 March 2022

At Chocolatey Software we strive for simple, and teaching others. Let us teach you just how simple it could be to keep your 3rd party applications updated across your devices, all with Intune!

Watch On-Demand
Chocolatey For Business. In Azure. In One Click.

Livestream from
Thursday, 9 June 2022

Join James and Josh to show you how you can get the Chocolatey For Business recommended infrastructure and workflow, created, in Azure, in around 20 minutes.

Watch On-Demand
The Future of Chocolatey CLI

Livestream from
Thursday, 04 August 2022

Join Paul and Gary to hear more about the plans for the Chocolatey CLI in the not so distant future. We'll talk about some cool new features, long term asks from Customers and Community and how you can get involved!

Watch On-Demand
Hacktoberfest Tuesdays 2022

Livestreams from
October 2022

For Hacktoberfest, Chocolatey ran a livestream every Tuesday! Re-watch Cory, James, Gary, and Rain as they share knowledge on how to contribute to open-source projects such as Chocolatey CLI.

Watch On-Demand
Chocolatey Product Spotlight: Chocolatey 1.2.0 and Chocolatey Licensed Extension 5.0.0

Livestream from
Thursday, 03 November 2022

Join Paul and Gary for this months Chocolatey product livestream where we look at the latest release of Chocolatey 1.2.0, Chocolatey Licensed Extension 5.0.0 and shine a spotlight on the new hook scripts functionality. This opens up so many possibilities for Chocolatey CLI users!

Watch On-Demand
Chocolatey Coding Livestream

Livestream from
Tuesday, 29 November 2022

Join Josh as he adds the ability to manage Chocolatey GUI config and features with the Chocolatey Ansible Collection.

Watch On-Demand
Introduction into Chocolatey with Veeam

Webinar from
Tuesday, 13 December 2022

Join Gary, Paul, and Maurice as they introduce and demonstrate how to use Chocolatey! Questions will be answered live in an Ask Me Anything format.

Watch On-Demand

Downloads:

575,763

Downloads of v 2.3.13:

3,216

Last Update:

07 Nov 2016

Package Maintainer(s):

Software Author(s):

  • OpenVPN Technologies
  • Inc

Tags:

openvpn community tunnel ssl admin

OpenVPN Community

This is not the latest version of OpenVPN Community available.

  • 1
  • 2
  • 3

2.3.13 | Updated: 07 Nov 2016

Downloads:

575,763

Downloads of v 2.3.13:

3,216

Maintainer(s):

Software Author(s):

  • OpenVPN Technologies
  • Inc

OpenVPN Community 2.3.13

This is not the latest version of OpenVPN Community available.

  • 1
  • 2
  • 3

Some Checks Have Failed or Are Not Yet Complete

Not All Tests Have Passed


Validation Testing Passed


Verification Testing Passed

Details

Scan Testing Resulted in Flagged:

This package was submitted (and approved) prior to automated virus scanning integration into the package moderation processs.

We recommend clicking the "Details" link to make your own decision on installing this package.

Details
Learn More

Deployment Method: Individual Install, Upgrade, & Uninstall

To install OpenVPN Community, run the following command from the command line or from PowerShell:

>

To upgrade OpenVPN Community, run the following command from the command line or from PowerShell:

>

To uninstall OpenVPN Community, run the following command from the command line or from PowerShell:

>

Deployment Method:

NOTE

This applies to both open source and commercial editions of Chocolatey.

1. Enter Your Internal Repository Url

(this should look similar to https://community.chocolatey.org/api/v2/)


2. Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

  • Open Source or Commercial:
    • Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
    • You can also just download the package and push it to a repository Download

3. Copy Your Script

choco upgrade openvpn -y --source="'INTERNAL REPO URL'" --version="'2.3.13'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade openvpn -y --source="'INTERNAL REPO URL'" --version="'2.3.13'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode

- name: Install openvpn
  win_chocolatey:
    name: openvpn
    version: '2.3.13'
    source: INTERNAL REPO URL
    state: present

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.


chocolatey_package 'openvpn' do
  action    :install
  source   'INTERNAL REPO URL'
  version  '2.3.13'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


cChocoPackageInstaller openvpn
{
    Name     = "openvpn"
    Version  = "2.3.13"
    Source   = "INTERNAL REPO URL"
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'openvpn':
  ensure   => '2.3.13',
  provider => 'chocolatey',
  source   => 'INTERNAL REPO URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.


4. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

NOTE

Private CDN cached downloads available for licensed customers. Never experience 404 breakages again! Learn more...

Package Approved

This package was approved by moderator gep13 on 07 Nov 2016.

Description

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

This package will be installed with the following options:
* /SELECT_OPENVPN=1 : Install OpenVPN user-space components, including openvpn.exe
* /SELECT_SERVICE=1 : Install OpenVPN GUI by Mathias Sundman
* /SELECT_INTERACTIVE_SERVICE=1 : Install/upgrade the TAP virtual device driver
* /SELECT_TAP=1 : Install OpenVPN RSA scripts for X509 certificate management
* /SELECT_OPENVPNGUI=1 : Install OpenSSL DLLs locally (may be omitted if DLLs are already installed globally)
* /SELECT_ASSOCIATIONS=1 : Install LZO DLLs locally (may be omitted if DLLs are already installed globally)
* /SELECT_OPENSSL_UTILITIES=0 : Install PKCS#11 helper DLLs locally (may be omitted if DLLs are already installed globally)
* /SELECT_EASYRSA=1 : Install the OpenVPN service wrappers
* /SELECT_PATH=1 : Install the OpenVPN Interactive Service (allows running OpenVPN-GUI without admin privileges)
* /SELECT_SHORTCUTS=1 : Install the OpenSSL Utilities (used for generating public/private key pairs)
* /SELECT_OPENSSLDLLS=1 : Add OpenVPN executable directory to the current user's PATH
* /SELECT_LZODLLS=1 : Add OpenVPN shortcuts to the current user's Start Menu
* /SELECT_PKCS11DLLS=1 : Register OpenVPN config file association (*.ovpn)

The only difference with the default package configuration is the EASYRSA option enabled while the default install disables it.


tools\chocolateyInstall.ps1
$packageName = 'openvpn'
$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$fileType = 'exe'
$url = 'https://swupdate.openvpn.org/community/releases/openvpn-install-2.3.13-I601-i686.exe'
$url64 = 'https://swupdate.openvpn.org/community/releases/openvpn-install-2.3.13-I601-x86_64.exe'
# For a list of all silent arguments used
# https://github.com/OpenVPN/openvpn-build/blob/master/windows-nsis/openvpn.nsi#L431
# For their description
# https://github.com/OpenVPN/openvpn-build/blob/master/windows-nsis/openvpn.nsi#L102
$silentArgs = '/S /SELECT_EASYRSA=1'
$validExitCodes = @(0)
$checksum = '182c7d906a9fc081080dc3b4459e3ec867681e6cb645a75d2ebe04d1d06ed14605622c4f34ef4d352bbdf68d81b06e2de634bed75cdb7d939e7f2cdd7973d986'
$checksum64='9ad6cb9afc7932dc883835cf60b5efd94ee3f0914d1fb948982056abd04df9aeb8eca3554bd13acb356602ee85e202276397a3d0fab78e7f4d854406703e007e'
$pgpKey = "samuli_public_key.asc"
$urlSig = 'https://swupdate.openvpn.org/community/releases/openvpn-install-2.3.13-I601-i686.exe.asc'
$urlSig64 = 'https://swupdate.openvpn.org/community/releases/openvpn-install-2.3.13-I601-x86_64.exe.asc'
$checksumSig = '8857ea92983a69cd31e2df6342e01231b3e934129056d33564e3cef0ddd3c2dc35bd0ecb52dfe4649a2df2421ad68b1d437eb7a21ad1a800993ae598b2f1372a'
$checksumSig64 = 'dc4ec34b30d8924dfd51975f72f12ee36d7b2bdb3c80a8b8916045d63823ac6ad5833b1f543096296b2d07c4c659ff28811a2328936d11aa1b072856975465bf'

# Start-Process, Get-Service and Set-Service seem to be only available in PowerShell 3.0
if ($PSVersionTable.PSVersion.Major -lt 3) {
    throw "You need at least PowerShell 3.0 as this script relies on Cmdlets introduced with that version."
}

# This function is based on part of the code of the command
# Install-ChocolateyPackage
# src.: https://goo.gl/jUpwOQ
function GetTemporaryDirectory {

    $chocTempDir = $env:TEMP
    $tempDir = Join-Path $chocTempDir "$($env:chocolateyPackageName)"
    if ($env:chocolateyPackageVersion -ne $null) {
        $tempDir = Join-Path $tempDir "$($env:chocolateyPackageVersion)"
    }
    $tempDir = $tempDir -replace '\\chocolatey\\chocolatey\\', '\chocolatey\'

    if (![System.IO.Directory]::Exists($tempDir)) {
        [System.IO.Directory]::CreateDirectory($tempDir) | Out-Null
    }

    return $tempDir
}

Write-Host "Downloading package installer..."
$packageFileName = Get-ChocolateyWebFile `
    -PackageName $packageName `
    -FileFullPath $(Join-Path $(GetTemporaryDirectory) "$($packageName)Install.$fileType")`
    -Url $url `
    -Url64bit $url64 `
    -Checksum $checksum `
    -ChecksumType 'sha512' `
    -Checksum64 $checksum64 `
    -ChecksumType64 'sha512'

# Download signature and saving it as the original name
# The GPG signature needs to have the same filename as the file checked but
# with the .asc suffix, otherwise gpg reports it cannot verify the file with
# the following message:
# gpg: no signed data
# gpg: can't hash datafile: No data
Write-Host "Downloading package signature..."
$sigFileName = Get-ChocolateyWebFile `
    -PackageName $packageName `
    -FileFullPath $(Join-Path $(GetTemporaryDirectory) "$($packageName)Install.$fileType.asc")`
    -Url $urlSig `
    -Url64bit $urlSig64 `
    -Checksum $checksumSig `
    -ChecksumType 'sha512' `
    -Checksum64 $checksumSig64 `
    -ChecksumType64 'sha512'

# If GPG has been just added, need to refresh to access to it from this session
Update-SessionEnvironment

if (!(Get-Command "gpg.exe" -ErrorAction SilentlyContinue)) {
    throw "Cannot find 'gpg.exe'. Unable to check signatures."
}

if (!(Test-Path "$toolsDir\$pgpKey")) {
    throw "Cannot find the PGP key '$pgpKey'. Unable to check signatures."
}

Write-Host "Importing '$pgpKey' in GPG trusted keyring..."
# Simply invoing the command gpg.exe and checking the value of $? was not
# enough. Using the following method worked and was indeed more reliable.
# src.: https://goo.gl/Ungugv
$ReturnFromEXE = Start-Process `
    -FilePath "gpg.exe" `
    -ArgumentList "--import $toolsDir\$pgpKey" `
    -NoNewWindow -Wait -Passthru
if (!($ReturnFromEXE.ExitCode -eq 0)) {
    throw "Unable to import PGP key '$pgpKey'. Unable to check signatures."
}

Write-Host "Trusting '$pgpKey'..."
# src.: http://stackoverflow.com/a/8762068/3514658
$psi = New-object System.Diagnostics.ProcessStartInfo
$psi.CreateNoWindow = $true
$psi.UseShellExecute = $false
$psi.RedirectStandardOutput = $true
$psi.RedirectStandardError = $true
$psi.FileName = 'gpg.exe'
$psi.Arguments = @("--with-fingerprint --with-colons $toolsDir\$pgpKey")
$process = New-Object System.Diagnostics.Process
$process.StartInfo = $psi
# The [void] casting is actually needed to avoid True or False to be displayed
# on stdout.
[void]$process.Start()
# Get the full fingerprint of the key
$output = $process.StandardOutput.ReadToEnd()
$process.WaitForExit()

# Parse output
$output = $output -split ':'
# Even if the number 6 corresponds to the level 5 (ultimate trust) which is
# usually dedicated to our own keys. Using the number 5 corresponding to the
# level 4 (trully trust) is not enough for this case. Checking a signature
# requires an ultimate trust in the key.
$output = $output[18] + ":6:"

$psi = New-object System.Diagnostics.ProcessStartInfo
$psi.CreateNoWindow = $true
$psi.UseShellExecute = $false
$psi.RedirectStandardInput = $true
$psi.FileName = 'gpg.exe'
$psi.Arguments = @("--import-ownertrust")
$process = New-Object System.Diagnostics.Process
$process.StartInfo = $psi
[void]$process.Start()

# Specify the fingerprint and the trust level to stdin
# e.g.: ABCDEF01234567890ABCDEF01234567890ABCDEF:6:
$input = $process.StandardInput
$input.WriteLine($output)
# Not written until the stream is closed. If not closed, the process will still
# run and the software will hang.
# src.: https://goo.gl/5oYgk4
$input.Close()
$process.WaitForExit()

Write-Host "Checking PGP signatures..."
$ReturnFromEXE = Start-Process `
    -FilePath "gpg.exe" `
    -ArgumentList "--verify $sigFileName" `
    -NoNewWindow -Wait -Passthru
if (!($ReturnFromEXE.ExitCode -eq 0)) {
    throw "The OpenVPN installer signature does not match. Installation aborted."
}

# The setup to install a driver for the virtual network device TAP asks us if
# we want to trust the certificate from OpenVPN Technologies, Inc. In order to
# have a complete silent install, we will add that certificate to the Windows
# keystore.
#
# In order to get that certificate, we had to
# - install the driver accepting the certificate,
# - tick the checkbox "Always trust software from "OpenVPN Technologies, Inc.""
#   which has the effect to consider OpenVPN as a trusted publisher
# - then run certmgr.msc,
# - expand "Certificates (Local Computer) –> Trusted Publishers –> Certificates",
# - right click the OpenVPN Technologies certificate
# - select "All Tasks –> Export..."
# - click Next
# - select Base64 encoded x.509 (.CER) and click Next
# - click Browse, navigate to the location you wish to save the certificate and click Next
# - click Finish
# - click OK
# The certificate is now in the location specified.
# src.: https://goo.gl/o3BVGJ
# Next time we install the software, even if we remove that certificate,
# Windows will not ask us to confirm the installation as the driver is cached
# in the Drivers Store (C:\Windows\Inf). To simulate a first install we need to
# remove the cached drivers as well.
# src.: https://goo.gl/Zbcs6T
Write-Host "Adding OpenVPN certificate to have a silent install of the OpenVPN TAP driver..."
Start-ChocolateyProcessAsAdmin "certutil -addstore 'TrustedPublisher' '$toolsDir\openvpn.cer'"

$service = Get-Service | Where-Object {$_.Name -like "*OpenVPN*"}
$serviceNeedsRestart = $False
$serviceStartMode = [System.ServiceProcess.ServiceStartMode]::Manual
if ($service) {
    if ($service.Status -eq "Running") {
        $serviceNeedsRestart = $True
    }

    $serviceStartMode = $service.StartType
}

Write-Host "Installing OpenVPN..."
Install-ChocolateyInstallPackage `
    -PackageName $packageName `
    -FileType $fileType `
    -SilentArgs $silentArgs `
    -File $packageFileName `
    -ValidExitCodes $validExitCodes

$service = Get-Service | Where-Object {$_.Name -like "*OpenVPN*"}
if (!$service) {
    throw "The OpenVN should have been installed, but the latter was not found."
}
if ($serviceNeedsRestart) {
    try {
        Write-Host "OpenVPN service was previously started. Trying to restarting it..."
        Restart-Service $service.Name
        Write-Host "OpenVPN service restarted with successful."
    } catch {
        # Do not use Write-Error, otherwise chocolatey will think the instalation has failed.
        Write-Host "OpenVPN service failed to be restarted. Manual intervention required."
    }
}
if ($serviceStartMode.ToString() -ne 'Manual') {
    try {
        Write-Host "Trying to reset the OpenVPN service to ""$serviceStartMode.ToString()""..."
        Set-Service $service.Name -startuptype $serviceStartMode
        Write-Host "OpenVPN service set to ""$serviceStartMode"" with successful."
    } catch {
        Write-Host "OpenVPN service failed to be reset to ""$serviceStartMode"". Manual intervention required."
    }
}

# The installer changes the PATH, apply these changes in the current PowerShell
# session (limited to this script).
Update-SessionEnvironment
tools\chocolateyUninstall.ps1
$packageName = 'openvpn'
$fileType = 'exe'
$silentArgs = '/S'
$validExitCodes = @(0)

# If we specify to Uninstall-ChocolateyPackage a silent argument but without
# a path, the command throws an exception. We cannot thus rely on the
# Chocolatey Auto Uninstaller feature. We will need to do manually what the
# PowerShell command does i.e. looking for the right path in the registry
# manually.

# Let's remove the certificate we inserted
Write-Host "Removing OpenVPN driver signing certificate added by this installer..."
Start-ChocolateyProcessAsAdmin "certutil -delstore 'TrustedPublisher' 'OpenVPN Technologies, Inc.'"

[array]$key = Get-UninstallRegistryKey -SoftwareName "OpenVPN*"

if ($key.Count -eq 1) {
    $key | % {
        $file = $key.UninstallString

        Write-Host "Removing OpenVPN... The OpenVPN service will be automatically stopped and removed."
        Uninstall-ChocolateyPackage `
            -PackageName "$packageName" `
            -FileType "$fileType" `
            -SilentArgs "$silentArgs" `
            -ValidExitCodes "$validExitCodes" `
            -File "$file"
    }
} elseif ($key.Count -eq 0) {
    Write-Warning "$packageName has already been uninstalled by other means."
} elseif ($key.Count -gt 1) {
    Write-Warning "$key.Count matches found!"
    Write-Warning "To prevent accidental data loss, no programs will be uninstalled."
    Write-Warning "Please alert package maintainer the following keys were matched:"
    $key | % {Write-Warning "- $_.DisplayName"}
}

# After the uninstall has performed, choco checks if there are uninstall
# registry keys left and decides to launch or not its auto uninstaller feature.
# However, here, we have a race condition. When choco checks if the following
# registry key is still present, it's already gone.
# SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenVPN
# A fix for this issue is already present in choco 0.10.4
# https://github.com/chocolatey/choco/issues/1035
if ($Env:CHOCOLATEY_VERSION -lt "0.10.4") {
    # Let's sleep. Still failing with only 3 secs. 5 seems to work.
    Start-Sleep -s 5
}

# The uninstaller changes the PATH, apply these changes in the current PowerShell
# session (limited to this script).
Update-SessionEnvironment
tools\openvpn.cer
 
tools\samuli_public_key.asc
 

Log in or click on link to see number of positives.

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Add to Builder Version Downloads Last Updated Status
OpenVPN - Open Source SSL VPN Solution 2.5.8 43678 Thursday, November 3, 2022 Approved
OpenVPN - Open Source SSL VPN Solution 2.5.7 72557 Wednesday, June 1, 2022 Approved
OpenVPN - Open Source SSL VPN Solution 2.5.6 36838 Thursday, March 17, 2022 Approved
OpenVPN - Open Source SSL VPN Solution 2.5.5 16619 Thursday, February 17, 2022 Approved
OpenVPN - Open Source SSL VPN Solution 2.5.4 233 Wednesday, February 16, 2022 Approved
OpenVPN 2.4.7 214406 Saturday, March 23, 2019 Approved
OpenVPN 2.4.6.20190116 12881 Sunday, January 20, 2019 Approved
OpenVPN 2.4.6.20180710 93460 Tuesday, July 10, 2018 Approved
OpenVPN 2.4.6 4685 Monday, June 25, 2018 Approved
OpenVPN 2.4.5 454 Monday, June 25, 2018 Approved
OpenVPN 2.4.4 23968 Tuesday, October 3, 2017 Approved
OpenVPN 2.4.3 7687 Thursday, June 22, 2017 Approved
OpenVPN 2.4.2 3485 Friday, May 26, 2017 Approved
OpenVPN 2.4.1 2486 Saturday, May 13, 2017 Approved
OpenVPN Community 2.4.0 6780 Sunday, January 8, 2017 Approved
OpenVPN Community 2.3.13.20161120 3110 Sunday, November 20, 2016 Approved
OpenVPN Community 2.3.13 3216 Monday, November 7, 2016 Approved
OpenVPN Community 2.3.11 5238 Monday, June 20, 2016 Approved
OpenVPN Community for Windows (incl. OpenVPN GUI) 2.3.10 2803 Monday, January 11, 2016 Approved
OpenVPN 2.3.6 4385 Thursday, December 18, 2014 Approved
openvpn 2.3.2 1657 Tuesday, July 16, 2013 Approved
openvpn 2.2.2.20130718 517 Thursday, July 18, 2013 Approved
openvpn 2.2.2 581 Thursday, July 18, 2013 Approved

Discussion for the OpenVPN Community Package

Ground Rules:

  • This discussion is only about OpenVPN Community and the OpenVPN Community package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or OpenVPN Community, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus