The following section describes how to configure OpenVPN on Windows 10 with an Idem Key Plus, TrustKey G310, or Yubikey 5 NFC FIPS. This will be done using OpenVPN Connect version 3.4.2.
You will need to load the VPN certificate and key into the YubiKey. To do so, please follow the instructions earlier in the document for loading a certificate.
The OpenVPN Connect application can be used to connect to a VPN on Windows. It can be obtained here. After installing OpenVPN Connect, go to its main directory and create a new folder named pkcs11_modules.
Locate the PKCS 11 .dll file from your Security Key provider and copy it to your clipboard. For YubiKey this will be libykcs11.dll, located in Yubico PIV Tool/bin. If you do not have Yubico PIV Tool for Windows, you can get it here.
Paste the PKCS 11 module into the pkcs11_modules folder you just created.
Now start up the OpenVPN Connect application. You will be asked to import a profile. This document will be using a pre-existing .ovpn configuration file. Go to the “File” tab and click on “Browse”.
A selection window will be opened. Select the .ovpn configuration file for your VPN and click “Open”
After successfully importing the profile, a certificate and key must be assigned to it. Insert the Security Key and click on the “Assign” button.
Go to the “Hardware Tokens” tab and the Security Key should show up.
It will ask you for the YubiKey’s User PIN. Enter the pin and click OK.
Select the certificate and key that you loaded and click on Confirm.
Confirm that the details for the profile are correct and click Connect.
You will be asked for the YubiKey’s User PIN again.
You should now be connected to the VPN via OpenVPN Connect.