Mikrotik OpenVPN

1

/certificate add name=CA-tpl country="BG" state="BG" locality="Sofia" organization="UNIBIT" unit="MA" common-name="CA" key-size=4096 days-valid=3650 key-usage=crl-sign,key-cert-sign 
/certificate sign CA-tpl ca-crl-host=127.0.0.1 name="CA"

2

/certificate add name=SERVER-tpl country="BG" state="BG" locality="Sofia" organization="UNIBIT" unit="MA" common-name="192.168.137.2" key size=4096 days-valid=1095 key-usage=digital-signature,key-encipherment,tls-server 
/certificate sign SERVER-tpl ca="CA" name="SERVER" 
/certificate add name=CLIENT-tpl country="BG" state="BG" locality="Sofia" organization="UNIBIT" unit="MA" common-name="CLIENT" key-size=4096 days-valid=3650 key-usage=tls-client 
/certificate add name=CLIENT1 copy-from="CLIENT-tpl" common-name="CLIENT1" 

3

/certificate sign CLIENT1 ca="CA" name="CLIENT1" /certificate export-certificate CA export-passphrase="" 
/certificate export-certificate CLIENT1 export-passphrase=12345678 

MTVPN.ovpn file without comments:

client 
dev tun 
proto tcp-client
remote 192.168.137.2
port 1194
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
ca cert_export_CA.crt
cert cert_export_CLIENT1.crt
key cert_export_CLIENT1.key
verb 4
mute 10
cipher AES-256-CBC
auth SHA1
auth-user-pass secret
auth-nocache
;redirect-gateway def1