diff --git a/tests/e2e/rte/openvpn/docker-compose.yml b/tests/e2e/rte/openvpn/docker-compose.yml
new file mode 100644
index 0000000000..f172a60226
--- /dev/null
+++ b/tests/e2e/rte/openvpn/docker-compose.yml
@@ -0,0 +1,13 @@
+version: "3.4"
+
+services:
+ openvpn:
+ cap_add:
+ - NET_ADMIN
+ image: kylemanna/openvpn
+ container_name: openvpn
+ ports:
+ - "1194:1194/udp"
+ restart: always
+ volumes:
+ - ./openvpn-data/conf:/etc/openvpn
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/crl.pem b/tests/e2e/rte/openvpn/openvpn-data/conf/crl.pem
new file mode 100644
index 0000000000..6dd7b13985
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/crl.pem
@@ -0,0 +1,11 @@
+-----BEGIN X509 CRL-----
+MIIBqDCBkQIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0Fw0yMTEx
+MDgwNzQ5MTZaFw0zMTExMDYwNzQ5MTZaoE4wTDBKBgNVHSMEQzBBgBQ/AarQse++
+Argn1cHxvXoG8W+Pc6ETpBEwDzENMAsGA1UEAwwEdGVzdIIUcqHj2uS8cK9SYQiJ
+moIR/7fU0PowDQYJKoZIhvcNAQELBQADggEBAD4eZq6iex+GdwiGaEGjtIcpQGJD
+eQC9xUmkZSphKOcwjFyPC6/qOZ/MAgPhqzP2urgyrgeluvhFsISXmH/Di+6yVn7f
+bV4c1e0CT6/H6filAelPnbkEclCv/48P6L3BN4o4S98QXzvMeF+YfpEYGyjO+/PW
+vd0UH4mdtsDpk94Z2FKxeUey76EJPSvwa08dY+/CLynSGDXdGavErtFTBVoc5qcj
+XdC3CI2ig3DnUUBvwiwSxiB5vzJ8Vhl3dxTag/4yYkfjmOS9EzdDRAhRfg7wsf+v
+t4HmeQ2ntBkld1MtXJSKaOQa/if5+nNyb+4ktQkLC6YBd4SNpO8yYq/dMJA=
+-----END X509 CRL-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf b/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf
new file mode 100644
index 0000000000..1f58509e53
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf
@@ -0,0 +1,30 @@
+server 192.168.255.0 255.255.255.0
+verb 3
+key /etc/openvpn/pki/private/localhost.key
+ca /etc/openvpn/pki/ca.crt
+cert /etc/openvpn/pki/issued/localhost.crt
+dh /etc/openvpn/pki/dh.pem
+tls-auth /etc/openvpn/pki/ta.key
+key-direction 0
+keepalive 10 60
+persist-key
+persist-tun
+
+proto udp
+# Rely on Docker to do port mapping, internally always 1194
+port 1194
+dev tun0
+status /tmp/openvpn-status.log
+
+user nobody
+group nogroup
+comp-lzo no
+
+### Push Configurations Below
+push "dhcp-option DNS 192.168.13.6"
+push "comp-lzo no"
+push "dhcp-option DOMAIN localhost"
+push "route 192.168.13.0 255.255.255.0"
+push "route 172.30.0.0 255.255.0.0"
+push "route 172.31.0.0 255.255.0.0"
+push "route 172.33.0.0 255.255.0.0"
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf.1636357834.bak b/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf.1636357834.bak
new file mode 100644
index 0000000000..3f8e34df8e
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/openvpn.conf.1636357834.bak
@@ -0,0 +1,30 @@
+server 192.168.255.0 255.255.255.0
+verb 3
+key /etc/openvpn/pki/private/localhost.key
+ca /etc/openvpn/pki/ca.crt
+cert /etc/openvpn/pki/issued/localhost.crt
+dh /etc/openvpn/pki/dh.pem
+tls-auth /etc/openvpn/pki/ta.key
+key-direction 0
+keepalive 10 60
+persist-key
+persist-tun
+
+proto udp
+# Rely on Docker to do port mapping, internally always 1194
+port 1194
+dev tun0
+status /tmp/openvpn-status.log
+
+user nobody
+group nogroup
+comp-lzo no
+
+### Route Configurations Below
+route 192.168.254.0 255.255.255.0
+
+### Push Configurations Below
+push "block-outside-dns"
+push "dhcp-option DNS 8.8.8.8"
+push "dhcp-option DNS 8.8.4.4"
+push "comp-lzo no"
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/ovpn_env.sh b/tests/e2e/rte/openvpn/openvpn-data/conf/ovpn_env.sh
new file mode 100644
index 0000000000..9b3dabab03
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/ovpn_env.sh
@@ -0,0 +1,25 @@
+declare -x OVPN_AUTH=
+declare -x OVPN_CIPHER=
+declare -x OVPN_CLIENT_TO_CLIENT=
+declare -x OVPN_CN=localhost
+declare -x OVPN_COMP_LZO=0
+declare -x OVPN_DEFROUTE=0
+declare -x OVPN_DEVICE=tun
+declare -x OVPN_DEVICEN=0
+declare -x OVPN_DISABLE_PUSH_BLOCK_DNS=1
+declare -x OVPN_DNS=1
+declare -x OVPN_DNS_SERVERS=([0]="192.168.13.6")
+declare -x OVPN_ENV=/etc/openvpn/ovpn_env.sh
+declare -x OVPN_EXTRA_CLIENT_CONFIG=()
+declare -x OVPN_EXTRA_SERVER_CONFIG=()
+declare -x OVPN_FRAGMENT=
+declare -x OVPN_KEEPALIVE='10 60'
+declare -x OVPN_MTU=
+declare -x OVPN_NAT=1
+declare -x OVPN_PORT=1194
+declare -x OVPN_PROTO=udp
+declare -x OVPN_PUSH=([0]="dhcp-option DOMAIN localhost" [1]="route 192.168.13.0 255.255.255.0" [2]="route 172.17.0.0 255.255.0.0")
+declare -x OVPN_ROUTES=()
+declare -x OVPN_SERVER=192.168.255.0/24
+declare -x OVPN_SERVER_URL=udp://localhost
+declare -x OVPN_TLS_CIPHER=
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ca.crt b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ca.crt
new file mode 100644
index 0000000000..e43ba72148
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ca.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNjCCAh6gAwIBAgIUcqHj2uS8cK9SYQiJmoIR/7fU0PowDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMTExMDgwNzQ5MTBaFw0zMTExMDYwNzQ5
+MTBaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCibt8kh9lqTC0O631rPHN0kMQ4kMQ/eZ59mKhAJZ3rBchIBrQne2yTw2z+
+X1ESa3VTkW2jyJ5r7iuo+Xyc8246tfBwO3u0DJ2DeZZOYPzMg48nJNxs3ur3iXAT
+r6Aiwp0gtMNC2XcW7y5OPl8l+BhSt2PsWcdEdmLJgvRPJ2x+Ea8wivuw6FO6byK7
+Mxw7/CbNMw8Eey9eSz9kWDrgetS0kOgfqtt1ZnKDZkbLy8jFl0xW488VUrefUR1g
+lOje8QySjDvzT8sUR0lASyS+/J6j/3gLlSS42e4SxMz00jEus+ye56cO16Pc+vKI
+Xsev8cRPiSDTZTvc7Eaq/OcKVl11AgMBAAGjgYkwgYYwHQYDVR0OBBYEFD8BqtCx
+774CuCfVwfG9egbxb49zMEoGA1UdIwRDMEGAFD8BqtCx774CuCfVwfG9egbxb49z
+oROkETAPMQ0wCwYDVQQDDAR0ZXN0ghRyoePa5Lxwr1JhCImaghH/t9TQ+jAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXUrDhVAX
+TkbhKRBuhUGQb03RyACQKBFM/SwhrmwpQMXo7BUuqWJ27U5/TRHrfKJxDgppmwIs
+qmtrT07tA7e/OyFSZtZ9p/4H+5xM9FCsmu6YMQ3ZloHHGWmibrDNK70frVgRAEAS
+FyAsEgpKZCr6OJNd7v2dbvO4AniZVVvccU17cJAx177YC3fNIuRtpHkm93D3qI+1
+4SED7rktVfXUKs6RMFmqIum5WRzgiJBAtk2GVQMrAAu/xmUPS/aqzstNte4KQ+UY
+2qI9v1wYM8j+BT5nsBT02K+zOsYdkG39n7QEfcecPAjOkKsaFbSf/WZcsb6oCVgl
+d/Nz24kfh76SqQ==
+-----END CERTIFICATE-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/139D258986D24CF7F2000F4365EA7CDE.pem b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/139D258986D24CF7F2000F4365EA7CDE.pem
new file mode 100644
index 0000000000..723ee792b8
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/139D258986D24CF7F2000F4365EA7CDE.pem
@@ -0,0 +1,87 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 13:9d:25:89:86:d2:4c:f7:f2:00:0f:43:65:ea:7c:de
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=test
+ Validity
+ Not Before: Nov 8 07:49:15 2021 GMT
+ Not After : Feb 11 07:49:15 2024 GMT
+ Subject: CN=localhost
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b8:d5:e2:66:d3:aa:e8:f7:2f:d8:76:b6:c6:67:
+ 5c:09:77:df:0b:1b:59:ca:f9:a9:fe:cc:50:91:91:
+ a4:2a:96:55:54:8c:a9:17:25:23:8d:93:76:05:5c:
+ 9e:86:68:82:22:42:52:f6:7d:72:5f:85:5c:7c:61:
+ d2:b2:a3:a2:5b:40:05:6f:eb:be:63:75:86:29:e7:
+ 97:e4:d7:20:1e:b4:c4:79:76:f7:cf:1d:70:ba:b0:
+ 10:ef:4e:9c:dc:15:4f:ee:b9:a7:b9:3f:f1:97:dd:
+ 77:0b:0e:3b:0b:c2:bd:b3:87:07:a4:95:2c:78:6b:
+ 7c:ac:7a:e4:02:c1:a0:3e:f5:ef:3a:51:f4:b3:4a:
+ 48:58:d0:16:10:8d:64:ba:a0:16:88:f0:62:55:fe:
+ 36:7b:9d:45:9f:f8:6d:e9:2a:1c:35:57:67:8e:2f:
+ 55:2f:27:87:dd:ce:df:a4:f3:9b:b5:80:7b:4a:f6:
+ 28:74:52:2d:cf:d9:ae:34:7f:6c:1d:89:f2:fc:00:
+ aa:1c:fa:a0:30:22:14:19:76:65:9c:31:60:39:5d:
+ 0d:0a:15:80:b2:26:44:69:73:a2:0d:11:c0:b5:21:
+ 6f:52:cd:4a:2f:87:23:48:28:fc:8c:db:83:83:56:
+ 7a:a5:63:61:4c:6c:bb:3b:80:9f:ba:ad:66:63:b0:
+ 63:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ DD:B7:0D:86:6B:E4:2F:30:5F:6C:C1:A8:A8:23:66:06:36:C4:30:BC
+ X509v3 Authority Key Identifier:
+ keyid:3F:01:AA:D0:B1:EF:BE:02:B8:27:D5:C1:F1:BD:7A:06:F1:6F:8F:73
+ DirName:/CN=test
+ serial:72:A1:E3:DA:E4:BC:70:AF:52:61:08:89:9A:82:11:FF:B7:D4:D0:FA
+
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+ DNS:localhost
+ Signature Algorithm: sha256WithRSAEncryption
+ 09:97:10:6a:b8:62:e7:e8:a5:a0:45:33:d2:85:0d:ca:61:73:
+ 8c:85:27:1d:3d:68:8b:65:55:4b:51:d9:86:a8:89:92:52:6b:
+ 98:4c:4b:75:05:ed:6e:e0:63:96:ce:44:b1:47:2a:71:32:32:
+ 86:f2:e3:5d:68:bd:82:1c:66:23:7a:ff:9e:e4:c3:a2:cd:79:
+ 2c:a0:63:9e:f5:cc:e4:71:60:0d:a5:69:5e:b5:c1:cb:4e:94:
+ 18:c5:f9:cd:89:c3:7a:33:4d:5b:6c:ec:9d:0c:0b:fe:72:72:
+ 07:b6:6d:ba:2b:10:e6:6e:0b:94:b6:3e:67:1a:c1:fe:73:e0:
+ dd:be:4c:1d:29:2b:01:fe:3e:ec:c6:d0:c8:de:04:77:ff:6a:
+ 7e:81:8f:86:1b:42:70:38:d1:47:cd:b9:11:33:9c:b2:7d:fa:
+ b4:5e:a2:a4:cd:0c:ed:3e:b1:28:f6:3d:6f:df:ea:34:83:b2:
+ fc:c1:31:28:75:02:fb:64:20:06:89:a9:31:ff:7c:0a:bc:c0:
+ aa:11:45:a4:e0:f4:98:cc:f7:77:21:de:41:34:32:97:3b:d7:
+ 88:58:47:7b:fb:c1:d2:9a:dc:5f:02:3f:4c:d9:99:71:f4:7b:
+ c8:31:c6:31:55:93:0e:42:28:b7:cb:43:e3:21:ce:84:de:0c:
+ a5:e1:7b:32
+-----BEGIN CERTIFICATE-----
+MIIDXzCCAkegAwIBAgIQE50liYbSTPfyAA9DZep83jANBgkqhkiG9w0BAQsFADAP
+MQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMTEwODA3NDkxNVoXDTI0MDIxMTA3NDkxNVow
+FDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAuNXiZtOq6Pcv2Ha2xmdcCXffCxtZyvmp/sxQkZGkKpZVVIypFyUjjZN2
+BVyehmiCIkJS9n1yX4VcfGHSsqOiW0AFb+u+Y3WGKeeX5NcgHrTEeXb3zx1wurAQ
+706c3BVP7rmnuT/xl913Cw47C8K9s4cHpJUseGt8rHrkAsGgPvXvOlH0s0pIWNAW
+EI1kuqAWiPBiVf42e51Fn/ht6SocNVdnji9VLyeH3c7fpPObtYB7SvYodFItz9mu
+NH9sHYny/ACqHPqgMCIUGXZlnDFgOV0NChWAsiZEaXOiDRHAtSFvUs1KL4cjSCj8
+jNuDg1Z6pWNhTGy7O4Cfuq1mY7BjVwIDAQABo4GxMIGuMAkGA1UdEwQCMAAwHQYD
+VR0OBBYEFN23DYZr5C8wX2zBqKgjZgY2xDC8MEoGA1UdIwRDMEGAFD8BqtCx774C
+uCfVwfG9egbxb49zoROkETAPMQ0wCwYDVQQDDAR0ZXN0ghRyoePa5Lxwr1JhCIma
+ghH/t9TQ+jATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwFAYDVR0R
+BA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQAJlxBquGLn6KWgRTPS
+hQ3KYXOMhScdPWiLZVVLUdmGqImSUmuYTEt1Be1u4GOWzkSxRypxMjKG8uNdaL2C
+HGYjev+e5MOizXksoGOe9czkcWANpWletcHLTpQYxfnNicN6M01bbOydDAv+cnIH
+tm26KxDmbguUtj5nGsH+c+DdvkwdKSsB/j7sxtDI3gR3/2p+gY+GG0JwONFHzbkR
+M5yyffq0XqKkzQztPrEo9j1v3+o0g7L8wTEodQL7ZCAGiakx/3wKvMCqEUWk4PSY
+zPd3Id5BNDKXO9eIWEd7+8HSmtxfAj9M2Zlx9HvIMcYxVZMOQii3y0PjIc6E3gyl
+4Xsy
+-----END CERTIFICATE-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/8055804ACAE0109030FB7947F31147A9.pem b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/8055804ACAE0109030FB7947F31147A9.pem
new file mode 100644
index 0000000000..eda326fd95
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/certs_by_serial/8055804ACAE0109030FB7947F31147A9.pem
@@ -0,0 +1,84 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 80:55:80:4a:ca:e0:10:90:30:fb:79:47:f3:11:47:a9
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=test
+ Validity
+ Not Before: Nov 8 07:51:56 2021 GMT
+ Not After : Feb 11 07:51:56 2024 GMT
+ Subject: CN=test
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:ba:3a:57:9b:0f:9b:dd:5a:c3:8c:ac:f0:24:
+ 2e:20:8e:3b:33:6d:86:b2:cb:81:00:83:4a:4f:16:
+ 40:cd:b3:e5:1d:c5:7f:98:e7:4b:a0:f5:6f:f3:5b:
+ 1b:a2:6b:16:4d:5c:5b:fe:46:c3:58:8e:0e:13:f9:
+ ec:69:68:37:f6:7d:e0:7e:8b:95:0f:71:ba:89:b1:
+ 5d:0e:ca:7c:9b:9e:07:57:c2:4b:e3:42:96:ef:5e:
+ 43:ea:fe:11:f2:38:3a:b4:0c:e3:e2:4c:28:e2:07:
+ bb:9a:56:63:98:88:91:15:f5:27:4d:a5:d1:88:0c:
+ 49:48:24:8f:71:8d:7d:0e:48:1b:d9:95:a4:7b:f2:
+ b7:f6:68:95:0c:14:2f:19:8d:ac:c5:cd:95:ac:42:
+ 93:ab:6e:60:33:40:90:f6:80:4e:a8:4b:f0:0f:d4:
+ d6:c0:5d:f2:8f:dd:c0:41:2b:78:96:12:60:37:e7:
+ c5:cc:ba:7a:36:de:0a:f0:e5:c9:90:51:3d:66:a6:
+ d1:b9:d2:b4:d3:ad:cb:72:f9:46:45:33:65:4a:e3:
+ e9:95:ee:23:37:92:b0:6b:a8:95:02:06:04:6b:7e:
+ 44:a9:4e:3c:fd:93:5b:32:4c:c3:40:24:9e:52:14:
+ d1:ac:aa:c5:88:4b:88:75:51:1c:96:26:c2:d7:75:
+ c6:7b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 8E:9E:25:9F:4F:53:6D:1D:D6:2C:08:03:2C:66:C3:6F:90:16:53:96
+ X509v3 Authority Key Identifier:
+ keyid:3F:01:AA:D0:B1:EF:BE:02:B8:27:D5:C1:F1:BD:7A:06:F1:6F:8F:73
+ DirName:/CN=test
+ serial:72:A1:E3:DA:E4:BC:70:AF:52:61:08:89:9A:82:11:FF:B7:D4:D0:FA
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 00:67:d2:93:e6:69:cb:fd:f6:9f:df:f6:59:20:2a:f6:0f:03:
+ ba:b3:da:65:de:62:23:36:a2:8d:4f:27:22:0e:3d:01:80:d9:
+ 59:cd:c5:f0:1a:9b:c5:e8:f4:6f:e2:c7:29:fc:37:21:2f:6f:
+ 9d:b8:8c:f6:6e:37:c9:b1:4a:0d:9d:e5:cd:0a:4b:01:0a:98:
+ 8f:46:e9:24:97:9c:ef:75:dd:a4:f7:33:7d:df:09:f3:4c:b6:
+ 3c:38:a7:2e:26:1d:68:f9:87:9a:ae:6c:60:d9:de:32:f1:69:
+ 66:97:cb:20:81:0d:b5:01:74:b5:73:8c:85:2b:5a:73:ea:cd:
+ e5:25:13:44:3a:24:0a:0a:72:4d:42:cc:0b:5a:c9:96:05:20:
+ 37:fb:1b:95:18:8d:66:ff:10:f8:3a:d8:03:6c:6c:37:6e:de:
+ 51:59:08:7e:d1:33:11:08:74:ed:fc:3f:4d:19:00:82:88:9f:
+ 95:66:a6:e9:f1:73:55:e1:7a:3f:ae:a6:e1:b7:51:df:92:28:
+ 19:42:1d:a5:a7:ed:b9:e4:00:ea:a7:55:e3:55:12:45:5f:f9:
+ e1:a5:1f:13:f1:ee:1a:31:e5:ae:9d:2e:ef:dd:d8:56:b2:7c:
+ f6:ba:08:41:db:13:16:31:0e:5d:41:b2:6d:98:01:e4:43:a2:
+ d1:34:9e:91
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIRAIBVgErK4BCQMPt5R/MRR6kwDQYJKoZIhvcNAQELBQAw
+DzENMAsGA1UEAwwEdGVzdDAeFw0yMTExMDgwNzUxNTZaFw0yNDAyMTEwNzUxNTZa
+MA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDNujpXmw+b3VrDjKzwJC4gjjszbYayy4EAg0pPFkDNs+UdxX+Y50ug9W/zWxui
+axZNXFv+RsNYjg4T+expaDf2feB+i5UPcbqJsV0OynybngdXwkvjQpbvXkPq/hHy
+ODq0DOPiTCjiB7uaVmOYiJEV9SdNpdGIDElIJI9xjX0OSBvZlaR78rf2aJUMFC8Z
+jazFzZWsQpOrbmAzQJD2gE6oS/AP1NbAXfKP3cBBK3iWEmA358XMuno23grw5cmQ
+UT1mptG50rTTrcty+UZFM2VK4+mV7iM3krBrqJUCBgRrfkSpTjz9k1syTMNAJJ5S
+FNGsqsWIS4h1URyWJsLXdcZ7AgMBAAGjgZswgZgwCQYDVR0TBAIwADAdBgNVHQ4E
+FgQUjp4ln09TbR3WLAgDLGbDb5AWU5YwSgYDVR0jBEMwQYAUPwGq0LHvvgK4J9XB
+8b16BvFvj3OhE6QRMA8xDTALBgNVBAMMBHRlc3SCFHKh49rkvHCvUmEIiZqCEf+3
+1ND6MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0B
+AQsFAAOCAQEAAGfSk+Zpy/32n9/2WSAq9g8DurPaZd5iIzaijU8nIg49AYDZWc3F
+8Bqbxej0b+LHKfw3IS9vnbiM9m43ybFKDZ3lzQpLAQqYj0bpJJec73XdpPczfd8J
+80y2PDinLiYdaPmHmq5sYNneMvFpZpfLIIENtQF0tXOMhStac+rN5SUTRDokCgpy
+TULMC1rJlgUgN/sblRiNZv8Q+DrYA2xsN27eUVkIftEzEQh07fw/TRkAgoiflWam
+6fFzVeF6P66m4bdR35IoGUIdpaftueQA6qdV41USRV/54aUfE/HuGjHlrp0u793Y
+VrJ89roIQdsTFjEOXUGybZgB5EOi0TSekQ==
+-----END CERTIFICATE-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/crl.pem b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/crl.pem
new file mode 100644
index 0000000000..6dd7b13985
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/crl.pem
@@ -0,0 +1,11 @@
+-----BEGIN X509 CRL-----
+MIIBqDCBkQIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0Fw0yMTEx
+MDgwNzQ5MTZaFw0zMTExMDYwNzQ5MTZaoE4wTDBKBgNVHSMEQzBBgBQ/AarQse++
+Argn1cHxvXoG8W+Pc6ETpBEwDzENMAsGA1UEAwwEdGVzdIIUcqHj2uS8cK9SYQiJ
+moIR/7fU0PowDQYJKoZIhvcNAQELBQADggEBAD4eZq6iex+GdwiGaEGjtIcpQGJD
+eQC9xUmkZSphKOcwjFyPC6/qOZ/MAgPhqzP2urgyrgeluvhFsISXmH/Di+6yVn7f
+bV4c1e0CT6/H6filAelPnbkEclCv/48P6L3BN4o4S98QXzvMeF+YfpEYGyjO+/PW
+vd0UH4mdtsDpk94Z2FKxeUey76EJPSvwa08dY+/CLynSGDXdGavErtFTBVoc5qcj
+XdC3CI2ig3DnUUBvwiwSxiB5vzJ8Vhl3dxTag/4yYkfjmOS9EzdDRAhRfg7wsf+v
+t4HmeQ2ntBkld1MtXJSKaOQa/if5+nNyb+4ktQkLC6YBd4SNpO8yYq/dMJA=
+-----END X509 CRL-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/dh.pem b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/dh.pem
new file mode 100644
index 0000000000..3b1acc9dd4
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/dh.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAlG3e5COo1wC8aPTfb2ilsHyfPSj8WHMDMFfZYAiJsLAW6sNaA33L
+9AfgsYDgb5CoHhil47Yrons97nvdC6lwVuG61Q7S77VX0MV6b12Gu+D8VJElnoNB
+yQP/z6Frfg7OKCDelIfkvqYYPqQD33S7XR2a+7vO2E/vnc7vcfHozUUPKHqFtxyt
+MNYuIs74l+2HHBHEO9fKWHc4IfHEkROQbehy0y6//qiKz/WqWAkQPX6eqgf26V23
+TyOT4UBvNv7nqOEpV4WS+zg+qH5c/kkcwSD/8jJMMi1cEWvz+9w+Kh7ponzQqOU0
+LOUysoYDcsZfuE/1SftOs44jUb4UCsKC4wIBAg==
+-----END DH PARAMETERS-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt
new file mode 100644
index 0000000000..7a38b10be0
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt
@@ -0,0 +1,2 @@
+V 240211074915Z 139D258986D24CF7F2000F4365EA7CDE unknown /CN=localhost
+V 240211075156Z 8055804ACAE0109030FB7947F31147A9 unknown /CN=test
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr
new file mode 100644
index 0000000000..3a7e39e6ee
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr.old b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr.old
new file mode 100644
index 0000000000..3a7e39e6ee
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.attr.old
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.old b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.old
new file mode 100644
index 0000000000..62a33d15e5
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/index.txt.old
@@ -0,0 +1 @@
+V 240211074915Z 139D258986D24CF7F2000F4365EA7CDE unknown /CN=localhost
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/localhost.crt b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/localhost.crt
new file mode 100644
index 0000000000..723ee792b8
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/localhost.crt
@@ -0,0 +1,87 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 13:9d:25:89:86:d2:4c:f7:f2:00:0f:43:65:ea:7c:de
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=test
+ Validity
+ Not Before: Nov 8 07:49:15 2021 GMT
+ Not After : Feb 11 07:49:15 2024 GMT
+ Subject: CN=localhost
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b8:d5:e2:66:d3:aa:e8:f7:2f:d8:76:b6:c6:67:
+ 5c:09:77:df:0b:1b:59:ca:f9:a9:fe:cc:50:91:91:
+ a4:2a:96:55:54:8c:a9:17:25:23:8d:93:76:05:5c:
+ 9e:86:68:82:22:42:52:f6:7d:72:5f:85:5c:7c:61:
+ d2:b2:a3:a2:5b:40:05:6f:eb:be:63:75:86:29:e7:
+ 97:e4:d7:20:1e:b4:c4:79:76:f7:cf:1d:70:ba:b0:
+ 10:ef:4e:9c:dc:15:4f:ee:b9:a7:b9:3f:f1:97:dd:
+ 77:0b:0e:3b:0b:c2:bd:b3:87:07:a4:95:2c:78:6b:
+ 7c:ac:7a:e4:02:c1:a0:3e:f5:ef:3a:51:f4:b3:4a:
+ 48:58:d0:16:10:8d:64:ba:a0:16:88:f0:62:55:fe:
+ 36:7b:9d:45:9f:f8:6d:e9:2a:1c:35:57:67:8e:2f:
+ 55:2f:27:87:dd:ce:df:a4:f3:9b:b5:80:7b:4a:f6:
+ 28:74:52:2d:cf:d9:ae:34:7f:6c:1d:89:f2:fc:00:
+ aa:1c:fa:a0:30:22:14:19:76:65:9c:31:60:39:5d:
+ 0d:0a:15:80:b2:26:44:69:73:a2:0d:11:c0:b5:21:
+ 6f:52:cd:4a:2f:87:23:48:28:fc:8c:db:83:83:56:
+ 7a:a5:63:61:4c:6c:bb:3b:80:9f:ba:ad:66:63:b0:
+ 63:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ DD:B7:0D:86:6B:E4:2F:30:5F:6C:C1:A8:A8:23:66:06:36:C4:30:BC
+ X509v3 Authority Key Identifier:
+ keyid:3F:01:AA:D0:B1:EF:BE:02:B8:27:D5:C1:F1:BD:7A:06:F1:6F:8F:73
+ DirName:/CN=test
+ serial:72:A1:E3:DA:E4:BC:70:AF:52:61:08:89:9A:82:11:FF:B7:D4:D0:FA
+
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+ DNS:localhost
+ Signature Algorithm: sha256WithRSAEncryption
+ 09:97:10:6a:b8:62:e7:e8:a5:a0:45:33:d2:85:0d:ca:61:73:
+ 8c:85:27:1d:3d:68:8b:65:55:4b:51:d9:86:a8:89:92:52:6b:
+ 98:4c:4b:75:05:ed:6e:e0:63:96:ce:44:b1:47:2a:71:32:32:
+ 86:f2:e3:5d:68:bd:82:1c:66:23:7a:ff:9e:e4:c3:a2:cd:79:
+ 2c:a0:63:9e:f5:cc:e4:71:60:0d:a5:69:5e:b5:c1:cb:4e:94:
+ 18:c5:f9:cd:89:c3:7a:33:4d:5b:6c:ec:9d:0c:0b:fe:72:72:
+ 07:b6:6d:ba:2b:10:e6:6e:0b:94:b6:3e:67:1a:c1:fe:73:e0:
+ dd:be:4c:1d:29:2b:01:fe:3e:ec:c6:d0:c8:de:04:77:ff:6a:
+ 7e:81:8f:86:1b:42:70:38:d1:47:cd:b9:11:33:9c:b2:7d:fa:
+ b4:5e:a2:a4:cd:0c:ed:3e:b1:28:f6:3d:6f:df:ea:34:83:b2:
+ fc:c1:31:28:75:02:fb:64:20:06:89:a9:31:ff:7c:0a:bc:c0:
+ aa:11:45:a4:e0:f4:98:cc:f7:77:21:de:41:34:32:97:3b:d7:
+ 88:58:47:7b:fb:c1:d2:9a:dc:5f:02:3f:4c:d9:99:71:f4:7b:
+ c8:31:c6:31:55:93:0e:42:28:b7:cb:43:e3:21:ce:84:de:0c:
+ a5:e1:7b:32
+-----BEGIN CERTIFICATE-----
+MIIDXzCCAkegAwIBAgIQE50liYbSTPfyAA9DZep83jANBgkqhkiG9w0BAQsFADAP
+MQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMTEwODA3NDkxNVoXDTI0MDIxMTA3NDkxNVow
+FDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAuNXiZtOq6Pcv2Ha2xmdcCXffCxtZyvmp/sxQkZGkKpZVVIypFyUjjZN2
+BVyehmiCIkJS9n1yX4VcfGHSsqOiW0AFb+u+Y3WGKeeX5NcgHrTEeXb3zx1wurAQ
+706c3BVP7rmnuT/xl913Cw47C8K9s4cHpJUseGt8rHrkAsGgPvXvOlH0s0pIWNAW
+EI1kuqAWiPBiVf42e51Fn/ht6SocNVdnji9VLyeH3c7fpPObtYB7SvYodFItz9mu
+NH9sHYny/ACqHPqgMCIUGXZlnDFgOV0NChWAsiZEaXOiDRHAtSFvUs1KL4cjSCj8
+jNuDg1Z6pWNhTGy7O4Cfuq1mY7BjVwIDAQABo4GxMIGuMAkGA1UdEwQCMAAwHQYD
+VR0OBBYEFN23DYZr5C8wX2zBqKgjZgY2xDC8MEoGA1UdIwRDMEGAFD8BqtCx774C
+uCfVwfG9egbxb49zoROkETAPMQ0wCwYDVQQDDAR0ZXN0ghRyoePa5Lxwr1JhCIma
+ghH/t9TQ+jATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwFAYDVR0R
+BA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQAJlxBquGLn6KWgRTPS
+hQ3KYXOMhScdPWiLZVVLUdmGqImSUmuYTEt1Be1u4GOWzkSxRypxMjKG8uNdaL2C
+HGYjev+e5MOizXksoGOe9czkcWANpWletcHLTpQYxfnNicN6M01bbOydDAv+cnIH
+tm26KxDmbguUtj5nGsH+c+DdvkwdKSsB/j7sxtDI3gR3/2p+gY+GG0JwONFHzbkR
+M5yyffq0XqKkzQztPrEo9j1v3+o0g7L8wTEodQL7ZCAGiakx/3wKvMCqEUWk4PSY
+zPd3Id5BNDKXO9eIWEd7+8HSmtxfAj9M2Zlx9HvIMcYxVZMOQii3y0PjIc6E3gyl
+4Xsy
+-----END CERTIFICATE-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/test.crt b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/test.crt
new file mode 100644
index 0000000000..eda326fd95
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/issued/test.crt
@@ -0,0 +1,84 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 80:55:80:4a:ca:e0:10:90:30:fb:79:47:f3:11:47:a9
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=test
+ Validity
+ Not Before: Nov 8 07:51:56 2021 GMT
+ Not After : Feb 11 07:51:56 2024 GMT
+ Subject: CN=test
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:ba:3a:57:9b:0f:9b:dd:5a:c3:8c:ac:f0:24:
+ 2e:20:8e:3b:33:6d:86:b2:cb:81:00:83:4a:4f:16:
+ 40:cd:b3:e5:1d:c5:7f:98:e7:4b:a0:f5:6f:f3:5b:
+ 1b:a2:6b:16:4d:5c:5b:fe:46:c3:58:8e:0e:13:f9:
+ ec:69:68:37:f6:7d:e0:7e:8b:95:0f:71:ba:89:b1:
+ 5d:0e:ca:7c:9b:9e:07:57:c2:4b:e3:42:96:ef:5e:
+ 43:ea:fe:11:f2:38:3a:b4:0c:e3:e2:4c:28:e2:07:
+ bb:9a:56:63:98:88:91:15:f5:27:4d:a5:d1:88:0c:
+ 49:48:24:8f:71:8d:7d:0e:48:1b:d9:95:a4:7b:f2:
+ b7:f6:68:95:0c:14:2f:19:8d:ac:c5:cd:95:ac:42:
+ 93:ab:6e:60:33:40:90:f6:80:4e:a8:4b:f0:0f:d4:
+ d6:c0:5d:f2:8f:dd:c0:41:2b:78:96:12:60:37:e7:
+ c5:cc:ba:7a:36:de:0a:f0:e5:c9:90:51:3d:66:a6:
+ d1:b9:d2:b4:d3:ad:cb:72:f9:46:45:33:65:4a:e3:
+ e9:95:ee:23:37:92:b0:6b:a8:95:02:06:04:6b:7e:
+ 44:a9:4e:3c:fd:93:5b:32:4c:c3:40:24:9e:52:14:
+ d1:ac:aa:c5:88:4b:88:75:51:1c:96:26:c2:d7:75:
+ c6:7b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 8E:9E:25:9F:4F:53:6D:1D:D6:2C:08:03:2C:66:C3:6F:90:16:53:96
+ X509v3 Authority Key Identifier:
+ keyid:3F:01:AA:D0:B1:EF:BE:02:B8:27:D5:C1:F1:BD:7A:06:F1:6F:8F:73
+ DirName:/CN=test
+ serial:72:A1:E3:DA:E4:BC:70:AF:52:61:08:89:9A:82:11:FF:B7:D4:D0:FA
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 00:67:d2:93:e6:69:cb:fd:f6:9f:df:f6:59:20:2a:f6:0f:03:
+ ba:b3:da:65:de:62:23:36:a2:8d:4f:27:22:0e:3d:01:80:d9:
+ 59:cd:c5:f0:1a:9b:c5:e8:f4:6f:e2:c7:29:fc:37:21:2f:6f:
+ 9d:b8:8c:f6:6e:37:c9:b1:4a:0d:9d:e5:cd:0a:4b:01:0a:98:
+ 8f:46:e9:24:97:9c:ef:75:dd:a4:f7:33:7d:df:09:f3:4c:b6:
+ 3c:38:a7:2e:26:1d:68:f9:87:9a:ae:6c:60:d9:de:32:f1:69:
+ 66:97:cb:20:81:0d:b5:01:74:b5:73:8c:85:2b:5a:73:ea:cd:
+ e5:25:13:44:3a:24:0a:0a:72:4d:42:cc:0b:5a:c9:96:05:20:
+ 37:fb:1b:95:18:8d:66:ff:10:f8:3a:d8:03:6c:6c:37:6e:de:
+ 51:59:08:7e:d1:33:11:08:74:ed:fc:3f:4d:19:00:82:88:9f:
+ 95:66:a6:e9:f1:73:55:e1:7a:3f:ae:a6:e1:b7:51:df:92:28:
+ 19:42:1d:a5:a7:ed:b9:e4:00:ea:a7:55:e3:55:12:45:5f:f9:
+ e1:a5:1f:13:f1:ee:1a:31:e5:ae:9d:2e:ef:dd:d8:56:b2:7c:
+ f6:ba:08:41:db:13:16:31:0e:5d:41:b2:6d:98:01:e4:43:a2:
+ d1:34:9e:91
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIRAIBVgErK4BCQMPt5R/MRR6kwDQYJKoZIhvcNAQELBQAw
+DzENMAsGA1UEAwwEdGVzdDAeFw0yMTExMDgwNzUxNTZaFw0yNDAyMTEwNzUxNTZa
+MA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDNujpXmw+b3VrDjKzwJC4gjjszbYayy4EAg0pPFkDNs+UdxX+Y50ug9W/zWxui
+axZNXFv+RsNYjg4T+expaDf2feB+i5UPcbqJsV0OynybngdXwkvjQpbvXkPq/hHy
+ODq0DOPiTCjiB7uaVmOYiJEV9SdNpdGIDElIJI9xjX0OSBvZlaR78rf2aJUMFC8Z
+jazFzZWsQpOrbmAzQJD2gE6oS/AP1NbAXfKP3cBBK3iWEmA358XMuno23grw5cmQ
+UT1mptG50rTTrcty+UZFM2VK4+mV7iM3krBrqJUCBgRrfkSpTjz9k1syTMNAJJ5S
+FNGsqsWIS4h1URyWJsLXdcZ7AgMBAAGjgZswgZgwCQYDVR0TBAIwADAdBgNVHQ4E
+FgQUjp4ln09TbR3WLAgDLGbDb5AWU5YwSgYDVR0jBEMwQYAUPwGq0LHvvgK4J9XB
+8b16BvFvj3OhE6QRMA8xDTALBgNVBAMMBHRlc3SCFHKh49rkvHCvUmEIiZqCEf+3
+1ND6MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0B
+AQsFAAOCAQEAAGfSk+Zpy/32n9/2WSAq9g8DurPaZd5iIzaijU8nIg49AYDZWc3F
+8Bqbxej0b+LHKfw3IS9vnbiM9m43ybFKDZ3lzQpLAQqYj0bpJJec73XdpPczfd8J
+80y2PDinLiYdaPmHmq5sYNneMvFpZpfLIIENtQF0tXOMhStac+rN5SUTRDokCgpy
+TULMC1rJlgUgN/sblRiNZv8Q+DrYA2xsN27eUVkIftEzEQh07fw/TRkAgoiflWam
+6fFzVeF6P66m4bdR35IoGUIdpaftueQA6qdV41USRV/54aUfE/HuGjHlrp0u793Y
+VrJ89roIQdsTFjEOXUGybZgB5EOi0TSekQ==
+-----END CERTIFICATE-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/openssl-easyrsa.cnf b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/openssl-easyrsa.cnf
new file mode 100644
index 0000000000..5c4fc79e7e
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/openssl-easyrsa.cnf
@@ -0,0 +1,138 @@
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = $ENV::EASYRSA_PKI # Where everything is kept
+certs = $dir # Where the issued certs are kept
+crl_dir = $dir # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/certs_by_serial # default place for new certs.
+
+certificate = $dir/ca.crt # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/ca.key # The private key
+RANDFILE = $dir/.rand # private random number file
+
+x509_extensions = basic_exts # The extensions to add to the cert
+
+# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
+# is designed for will. In return, we get the Issuer attached to CRLs.
+crl_extensions = crl_ext
+
+default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for
+default_crl_days= $ENV::EASYRSA_CRL_DAYS # how long before next CRL
+default_md = $ENV::EASYRSA_DIGEST # use public key default MD
+preserve = no # keep passed DN ordering
+
+# This allows to renew certificates which have not been revoked
+unique_subject = no
+
+# A few different ways of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_anything
+
+# For the 'anything' policy, which defines allowed DN fields
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+name = optional
+emailAddress = optional
+
+####################################################################
+# Easy-RSA request handling
+# We key off $DN_MODE to determine how to format the DN
+[ req ]
+default_bits = $ENV::EASYRSA_KEY_SIZE
+default_keyfile = privkey.pem
+default_md = $ENV::EASYRSA_DIGEST
+distinguished_name = $ENV::EASYRSA_DN
+x509_extensions = easyrsa_ca # The extensions to add to the self signed cert
+
+# A placeholder to handle the $EXTRA_EXTS feature:
+#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
+
+####################################################################
+# Easy-RSA DN (Subject) handling
+
+# Easy-RSA DN for cn_only support:
+[ cn_only ]
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = $ENV::EASYRSA_REQ_CN
+
+# Easy-RSA DN for org support:
+[ org ]
+countryName = Country Name (2 letter code)
+countryName_default = $ENV::EASYRSA_REQ_COUNTRY
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE
+
+localityName = Locality Name (eg, city)
+localityName_default = $ENV::EASYRSA_REQ_CITY
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = $ENV::EASYRSA_REQ_ORG
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default = $ENV::EASYRSA_REQ_OU
+
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = $ENV::EASYRSA_REQ_CN
+
+emailAddress = Email Address
+emailAddress_default = $ENV::EASYRSA_REQ_EMAIL
+emailAddress_max = 64
+
+####################################################################
+# Easy-RSA cert extension handling
+
+# This section is effectively unused as the main script sets extensions
+# dynamically. This core section is left to support the odd usecase where
+# a user calls openssl directly.
+[ basic_exts ]
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+
+# The Easy-RSA CA extensions
+[ easyrsa_ca ]
+
+# PKIX recommendations:
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This could be marked critical, but it's nice to support reading by any
+# broken clients who attempt to do so.
+basicConstraints = CA:true
+
+# Limit key usage to CA tasks. If you really want to use the generated pair as
+# a self-signed cert, comment this out.
+keyUsage = cRLSign, keyCertSign
+
+# nsCertType omitted by default. Let's try to let the deprecated stuff die.
+# nsCertType = sslCA
+
+# CRL extensions.
+[ crl_ext ]
+
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/ca.key b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/ca.key
new file mode 100644
index 0000000000..d47b74f89d
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/ca.key
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,9953B10D522B006610527D745ED2B3FF
+
+xOtU092mS9pMlkXv5EZVQ3mAAnOPh/qb/0zmHagFTys1jHKKBGnXUWr8cYGD5Dyk
+NVDoEn3RjAKhNV0Hvs18m/MUDqsuqj1fNw55LWszQ0/OioOA3+CiZlRd3qUmOFIZ
+2oG+5l/k1XoH2S/zho4L53vxAMcTr62R+BXO++G4C1nMFwIchjpYInCoVZZblhP/
+Iue1lnYKkFhV609F5digBdM2mNIBJi5RST5T9rm0/EkxYNcfJgq9WMI4fN6ISXFm
+KgxAT9+22v90KEGTb7ehNoczOZ7YS3kYC4zMoniIZ78E5Fv0d83strIa0S6rkKL+
+hGZ6KmVrtJpisdUIQ6Vv6aD5UCJfxdC/mC64F+gs0ElrYFC4t+Rb1uA2YyNgfuue
+K0uAKcXPA4mpVyHd95TP5Yf332DiifnfO7/HqnULC+YQ+4Eo0zYJEfqbSbdI1hJD
+gcneKrtRMIFL0ypzD9d8mGZce5hOHeJXR+xSWweMlQADYT/lmILHwUkShnSxa9em
+S8ZgQNw56yIv1Ug3aBbtxxa/qYHWv11ZZeXA5vvkvXwt4lxmsFxYg8PySpoOqbE4
+XoJ4u5VeNS3EZZ2fHuDraTAkisfJoXRq+nYnNxK5Y+v03/y3/Ywj7UOSvH5b04Mu
+lMiauOstDwlMZWsH+BqN70LWbddffZ3z2t6RdQbgxWHucMA4WB9EN18ynM3IEIM/
+HfiNVM5JwyZfsXULAq1bwCbkvbuuZDzjF0itBi7nZA6H+bdETP9neHUtHHhqW+zP
+lQmQt4qq0JMkDNXQUt69p213iy8lTOnWzMhfLoTcqcJxFjUjujb3DUSOfcmFx8a8
+5sYaXbiSY8PbjWeX8S/dFx94Zwyy1pWj/rWiGVjeUjvxDzdfFyKf8JSSaXltCVvw
+HoKaQFycuB0cuWBo+UxHRI+sUDj0rzdNSR1MxdCJbnWmOJBOoQCZWPcodt9ttSux
+OxSNTU90bUMKRyAI9FevWXR7ZGx1o+VXPG0lGAD638eHIfBfc6RLqiYAyrDLOp8y
+/yRvTCJAFIvSfqPOjXjDX9OI6KhNpsQRpLeEJrTG8DPDLvjTqb+yCimryIe0GpM2
+H8OGu9bQkUzbotQ/c1wPXWRGUgk0wJG5vwNE58y9QpkxZEkToXcE9DZ/SdyXd7YU
+fA1V67Li0AfnBXAS921GHWvwH8di+OEpquy91ftv6Dwq429h2TFAqlPi3QpfGhgP
+QQlmv5y5Wfi9SVqOTa/lz31NyJ2CVZpMdC+8vGZg1YTisss/ARYZtPBlcozYp9Op
+ubovrEVugPzmzbTB8FxRuw+6GdCO0502B1k/32bvuV7XUMXltNJR094i0d/VqGeZ
+WxdGMVSYn+32ai9YZeAVvfAisBjAVmG49iNpCAkL4a5s2ONbJ+H7AhhQadDmBoxA
+JA4JNeV19LgSWUxfNE+8IMpoDewa8RQnr68VALZDIZ8TkJvMet2fC2xy86cSNTsJ
+MNbIzVZ8d+ZazE1Ki6jaToX9i4a/fBhftG4Ssi9TlmkpPli+/JgHA6WOY58+ZiZ/
+pFht4WjYeayos9hRDwGrXqVJ/pQph5swTZIbvOkIkCtNRiDkHW4VLq8gVI8eNcxg
+-----END RSA PRIVATE KEY-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/localhost.key b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/localhost.key
new file mode 100644
index 0000000000..4e185149a8
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/localhost.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC41eJm06ro9y/Y
+drbGZ1wJd98LG1nK+an+zFCRkaQqllVUjKkXJSONk3YFXJ6GaIIiQlL2fXJfhVx8
+YdKyo6JbQAVv675jdYYp55fk1yAetMR5dvfPHXC6sBDvTpzcFU/uuae5P/GX3XcL
+DjsLwr2zhweklSx4a3yseuQCwaA+9e86UfSzSkhY0BYQjWS6oBaI8GJV/jZ7nUWf
++G3pKhw1V2eOL1UvJ4fdzt+k85u1gHtK9ih0Ui3P2a40f2wdifL8AKoc+qAwIhQZ
+dmWcMWA5XQ0KFYCyJkRpc6INEcC1IW9SzUovhyNIKPyM24ODVnqlY2FMbLs7gJ+6
+rWZjsGNXAgMBAAECggEAC47EQ23E6CBcy4pQz4MzDByEw+sH6FtIN/iKqS+UNl2E
+JG9PO3VFDdtEq/0opHrweDfxfBxIBJUQPW7Yf/cfddlA/cid9RYqN4CVzOduyLzA
+9F9uC3Np0yKjTHN7938VqnXNeRX4g2iDwxs2sfuRZSJyZeY2C6mc+CQPEeUNoiIf
+iEevqy5uk08CcuZfT6mr/AM3EOhvtLc5Vz2jlDBR5DkkEibIzkiU9cBQqgfeoZee
+aYy0SvowJ+YfeF+sq/Hj3XBozBfIvYrHSLjMduI2ZBLrNgC3rGzYZqNXCoRoEB9q
+9par8S7bxvr8v0fPr+IgxOmYU3btOWdObD4WV8ZJYQKBgQDc9uIQwV8VcE+3oPn+
+bretrIn6gNSBpf5uHSN37Gj1SoZSA77hADRLb6S2nrEQe94ufA8wG7MbLW6n8QuA
+K8mPKS8jNlYm3UVX58mvusAdl6aX5eVoJFwDnlOAr1QXxxS4elmkkg1a+LhGMLY1
+sYcBzFuCb4V7w5+1X8COVeWxqQKBgQDWJIBCuDDOGUDqP4xDz6g2h73Lprd5SqFW
+S4wx+ANdW1KAqF8HC4F2wYtWOxNmhtSmcQDXoc46nAdc0K/ztt7DEaVIpmM0JkoB
+UQd3jlDSSyxR2dqIbYX8G/orPspeDvDo8hZIy2c7Q6X0ECXeRKQT1QKLtlgGWbwx
+uTjlLlyM/wKBgEgpjJzCOiZLPo2O0fYI/I2Iiqs3xa7tohEeDQZOO9zX0NQaCw16
+PpngRR+q5dKnUWFG/MLOWQjoJnpMW2ApbLMHVTCfvzUEEHBr708nozRG4Y4781a2
+gSJhY43kNIdradXxhzMay6fJEI1DvU39w0SQE9aeSy6nLZJTShRx8wi5AoGALYDY
+GFVXWZQYLS6PuaEYl23EsM+eURHAsrue8MdIv7+2Cky81JxnSDrcRtiKyNCBw1Rj
+324silu5XMmjeeAz+bN4MbXZgq1YMGttcMQ2/Fio9EOcojzTqbywLhxLmC0ImBdJ
+EPLX3soDK5d61H41d1leDx4SGldbHB3Frz1owTUCgYBTW5pDgCdGKLWumNc89wyX
+F0nGycd4/8sEJWozfgsQ+FmPlvqYjCke9nHTM6TIhTW9s6LxxmzIKIKIvcDPIMDR
+B2zNldkuL7+tU5LSzEXi9rTVKGhYuVEC10sbaeWMLgtOxWe08TBZrTDW+Hec1BUT
+tTqkU6SGHfgXMazbyF+DhA==
+-----END PRIVATE KEY-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/test.key b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/test.key
new file mode 100644
index 0000000000..389dd93f5d
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/private/test.key
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIppK+RhgYEmsCAggA
+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG/rQJN9VfmpBIIEyMxNUosBZiWi
+7ziO5LeP7tTeeNtTElo/BG7UgDfExEVyhfUvi/VF5yPNoGGzpIfSlUIdxs/IhkMA
+qvBBgHGZUzHTrPcxPv3HFA99MQ3sOXbLxV28ilzt/IHyNb2XuP6IHqmgdOIKIdJq
+0ln+WsToJLSJQy0wm56PJjcV5pnh+99wNQxnUO8N4PME+y1pkauBJ++i3y4t86Jn
+hJJd2ViSnJQ6B4xe9+iaV1qxGNq/b35T7P38hUI3r5FmmX3k8OFScmpExuSJKkwy
+G2PS5Q9V8jgYKCDHFqzdhRNMsfFOaeA4y6wlf8Vs8EvvFgwZuNWMZHLXrkLdsk/S
+pmVSMQZB584+2y/LrUATKo72Whx3yXxNxBXLL3/vqHef2luCDQMgxVHnTEnczppA
+2ABhgqXCz5/RwYiOL1ZIXrHpvL/j1UmCyZBA695hBNOLtSDwBmVeFaMZpfsQqu/h
+624mbu/ifSYyXDtrd4XFISqSIEd1eAzXSQNS90UWzxQJQ13Yv57PBPnCvbUxWiuI
+UhkHfgldYLvoswZ8B6Eenfw4b2EguFEksaYtrdiJ1H4F2EHP5i/ecXMFfBZ6f5+G
+SDzkODUUnniIW3j6XQKRERWp5t1bSYopSWLI259ntmGHTe6zzRjCf4D2POJxA6cy
+NDBXd1xxMZnjhDXO8y4vg8MIp4WhvNMvBAOS85mb2cFbL3eYZDokFe0XhTjEklai
+YdLSTGa0aU2x5u6FDGulvSwBSuHknHFfk9ABOZ0bVpMr7pYWQ0M/lB+OdU+msbkx
+liMVyrnsZjTfYhv/X8HQUKy087i7D6FNtcmNENkJKN7AAjnDaPiBizdMVWNSKrEa
+ox+V1uWpXba0HFtl57V1c3FvuXYtpQ7vSk3BrJMtSkkWalWmCxE6df7nJeygG4tj
+CskvgR75N6TOiNK6C8gKXZbirufICH47hJHzPbfDK+Wwl+tccXqL+5rcqGpqaHGw
+ED3Y5QkqLuk0wCBiyyuEX4E+l/Is64dRaiahjqp2M/SA4zuk1kIhEPRGyN9W6jx4
+T3yocMdXq7N87O+gA5XW+TPZlDxZeGIJK2V1qWpuvdbBFbT/PEdXVbFhErEVs2Vp
+KIxWGYxeajOruPdHBAbLtJaWiqqG84QCglbd240eG7fXse+onVHa9r0mhIgBdzOa
+Keheq5Wrjf6Zk9ljnzCEl79Bg92ZTWwOmOsXAWVL0eHS9VOkuSfjIVhEP0D69fxE
+dOeMB5ECy5vlnejkRnM0jtfaRuM+7ZNydKAL0z3gKjnBzYotNu8qcw/Pf/+c5qy3
+M1kZGeY/y+wdj+vHC9Tmi8dk21+ZEuZJ8Yb0kvv3lSo5UHdv8OxxQyVQdXc8M/Nx
+ZiMo8lryBhNbK6AIguukcTUo7HXXLg7+M78H7VKq/syZJvBVU9RT0NU7Z+amFgh+
+YXQPnu5IUCPAxTIEU0f17GXMLLkp2rRNMLiJVGZmyD+BTkWhc7z+z4jgtR16gqUA
+GBBzYI3ZlOekfNEKIemLYn3AaPAB79myaJxVsy/9KzNj2xv3r2ClAF0EWJLnhMrq
+dqHqhxkqjTeDAfqJwNrxWJ7Wvp5I9uJ+a2wIyrY5gluhEcdiaw3ehB9/ykLAMvtQ
+lpntxcSG4bJTbVuDW/JNRQ==
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/localhost.req b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/localhost.req
new file mode 100644
index 0000000000..e13ce06215
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/localhost.req
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICWTCCAUECAQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAuNXiZtOq6Pcv2Ha2xmdcCXffCxtZyvmp/sxQkZGk
+KpZVVIypFyUjjZN2BVyehmiCIkJS9n1yX4VcfGHSsqOiW0AFb+u+Y3WGKeeX5Ncg
+HrTEeXb3zx1wurAQ706c3BVP7rmnuT/xl913Cw47C8K9s4cHpJUseGt8rHrkAsGg
+PvXvOlH0s0pIWNAWEI1kuqAWiPBiVf42e51Fn/ht6SocNVdnji9VLyeH3c7fpPOb
+tYB7SvYodFItz9muNH9sHYny/ACqHPqgMCIUGXZlnDFgOV0NChWAsiZEaXOiDRHA
+tSFvUs1KL4cjSCj8jNuDg1Z6pWNhTGy7O4Cfuq1mY7BjVwIDAQABoAAwDQYJKoZI
+hvcNAQELBQADggEBAJ6ELpvR6jUrCnMqg+/CDeiWXVoB72tC9EQQxprQhRHxxcE+
+MzThuE9/bdC6UwJur+272Ih72/bPRCPdRO3H8338M7RQHW8CVA3lVrLNxjxehx4U
+rmiSuZqo+BsRYkz3IYjndRe+1I5Dhbi5qrNcognuBg6yGnNAqsFQRTkoeR20smxt
+h1WNsAT+p9a0gRo6MCtJRvzsZX3B4N1C+n18hfHOHiiG3gMHHWR61O4BKYbgImhb
+B3e6mQox4a3a5tHNgJrO0Q1LMrfAml2VMv/Gmx46f6M7GWDKRifXiP0hyY8OVvrQ
+uoTvWF2Fhas7TTRNeAE+m2Bpac8i8Umuf6OeOcs=
+-----END CERTIFICATE REQUEST-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/test.req b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/test.req
new file mode 100644
index 0000000000..93d6d6bed8
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/reqs/test.req
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVDCCATwCAQAwDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAM26OlebD5vdWsOMrPAkLiCOOzNthrLLgQCDSk8WQM2z5R3F
+f5jnS6D1b/NbG6JrFk1cW/5Gw1iODhP57GloN/Z94H6LlQ9xuomxXQ7KfJueB1fC
+S+NClu9eQ+r+EfI4OrQM4+JMKOIHu5pWY5iIkRX1J02l0YgMSUgkj3GNfQ5IG9mV
+pHvyt/ZolQwULxmNrMXNlaxCk6tuYDNAkPaATqhL8A/U1sBd8o/dwEEreJYSYDfn
+xcy6ejbeCvDlyZBRPWam0bnStNOty3L5RkUzZUrj6ZXuIzeSsGuolQIGBGt+RKlO
+PP2TWzJMw0AknlIU0ayqxYhLiHVRHJYmwtd1xnsCAwEAAaAAMA0GCSqGSIb3DQEB
+CwUAA4IBAQAzh0IYj8G2kv5a4I5gHONFN7X3tsYV+hTsr+Oi8/4RzYGzHKjN+VyR
+73YaIAY2pQACuz6QBsx1Gd4EhGnobCAwHqRoad5fsa6LQorToEkF1ZNH7262zZzZ
+mrG9Ke2MTIWbW1GQbnBj1/UAl1FAzF82zYrgCvNaM/B9HnALPqLTnP3I4Am+WGkm
+/3yEfxI9RO56Rub5VeX/rW/6YORjrv0s7SgFB2ec+zG0zKSmQwx9H2QGL1GJhgMz
+c+oCf+hEHMBVa2leQoDJHTUvLlT+gHf+RqB/FWGmeDWpXwj3wY+EUiS3HCLPwcPj
+xQxQJZACPqFDaxSKyFH9JdfOojYqhmK+
+-----END CERTIFICATE REQUEST-----
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/safessl-easyrsa.cnf b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/safessl-easyrsa.cnf
new file mode 100644
index 0000000000..d42a92f42e
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/safessl-easyrsa.cnf
@@ -0,0 +1,138 @@
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = /etc/openvpn/pki # Where everything is kept
+certs = /etc/openvpn/pki # Where the issued certs are kept
+crl_dir = /etc/openvpn/pki # Where the issued crl are kept
+database = /etc/openvpn/pki/index.txt # database index file.
+new_certs_dir = /etc/openvpn/pki/certs_by_serial # default place for new certs.
+
+certificate = /etc/openvpn/pki/ca.crt # The CA certificate
+serial = /etc/openvpn/pki/serial # The current serial number
+crl = /etc/openvpn/pki/crl.pem # The current CRL
+private_key = /etc/openvpn/pki/private/ca.key # The private key
+RANDFILE = /etc/openvpn/pki/.rand # private random number file
+
+x509_extensions = basic_exts # The extensions to add to the cert
+
+# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
+# is designed for will. In return, we get the Issuer attached to CRLs.
+crl_extensions = crl_ext
+
+default_days = 825 # how long to certify for
+default_crl_days= 3650 # how long before next CRL
+default_md = sha256 # use public key default MD
+preserve = no # keep passed DN ordering
+
+# This allows to renew certificates which have not been revoked
+unique_subject = no
+
+# A few different ways of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_anything
+
+# For the 'anything' policy, which defines allowed DN fields
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+name = optional
+emailAddress = optional
+
+####################################################################
+# Easy-RSA request handling
+# We key off $DN_MODE to determine how to format the DN
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+default_md = sha256
+distinguished_name = cn_only
+x509_extensions = easyrsa_ca # The extensions to add to the self signed cert
+
+# A placeholder to handle the $EXTRA_EXTS feature:
+#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
+
+####################################################################
+# Easy-RSA DN (Subject) handling
+
+# Easy-RSA DN for cn_only support:
+[ cn_only ]
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = ChangeMe
+
+# Easy-RSA DN for org support:
+[ org ]
+countryName = Country Name (2 letter code)
+countryName_default = US
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = California
+
+localityName = Locality Name (eg, city)
+localityName_default = San Francisco
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Copyleft Certificate Co
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default = My Organizational Unit
+
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = ChangeMe
+
+emailAddress = Email Address
+emailAddress_default = me@example.net
+emailAddress_max = 64
+
+####################################################################
+# Easy-RSA cert extension handling
+
+# This section is effectively unused as the main script sets extensions
+# dynamically. This core section is left to support the odd usecase where
+# a user calls openssl directly.
+[ basic_exts ]
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+
+# The Easy-RSA CA extensions
+[ easyrsa_ca ]
+
+# PKIX recommendations:
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This could be marked critical, but it's nice to support reading by any
+# broken clients who attempt to do so.
+basicConstraints = CA:true
+
+# Limit key usage to CA tasks. If you really want to use the generated pair as
+# a self-signed cert, comment this out.
+keyUsage = cRLSign, keyCertSign
+
+# nsCertType omitted by default. Let's try to let the deprecated stuff die.
+# nsCertType = sslCA
+
+# CRL extensions.
+[ crl_ext ]
+
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial
new file mode 100644
index 0000000000..ae8764b339
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial
@@ -0,0 +1 @@
+8055804ACAE0109030FB7947F31147AA
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial.old b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial.old
new file mode 100644
index 0000000000..32e19cae7a
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/serial.old
@@ -0,0 +1 @@
+8055804acae0109030fb7947f31147a9
diff --git a/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ta.key b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ta.key
new file mode 100644
index 0000000000..c0d007b4fe
--- /dev/null
+++ b/tests/e2e/rte/openvpn/openvpn-data/conf/pki/ta.key
@@ -0,0 +1,21 @@
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+456226c4d5a6895c48dad7fd5d36ee57
+3eb280683fbbfe1699d63e9fd4e5ec5b
+70500489c3ec36e0c30d6b18f9c48b6b
+aede839a99d492fd26beb51317c08eb2
+ebb320a0b980da0b13a88e37559594f5
+03b21fa6d72548f7be5fdb41ad1de315
+82373a95c5c503c1101236f43a59ec68
+ddc9a83d4b4a4437f2db9e16bcbd433a
+5211d060bc8376f1efe99bbf2413e543
+4e4473d5028c95f33ad5df3637505c31
+bb7661b03e7d882c3ec1c5ca5f9c2277
+09e2e4323392efb0dff0abadbe6d6887
+27bddf4a2f7f795fe7c227813f76cac2
+9e919074c638ad36e5001a187d113c4b
+3faab93dde06734c15a198ad686a315a
+3e1f91612528d4f6c4281916625e54b1
+-----END OpenVPN Static key V1-----
diff --git a/tests/e2e/rte/openvpn/test.ovpn b/tests/e2e/rte/openvpn/test.ovpn
new file mode 100644
index 0000000000..a6124a8815
--- /dev/null
+++ b/tests/e2e/rte/openvpn/test.ovpn
@@ -0,0 +1,109 @@
+
+client
+nobind
+dev tun
+remote-cert-tls server
+
+remote 127.0.0.1 1194 udp
+
+
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIppK+RhgYEmsCAggA
+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG/rQJN9VfmpBIIEyMxNUosBZiWi
+7ziO5LeP7tTeeNtTElo/BG7UgDfExEVyhfUvi/VF5yPNoGGzpIfSlUIdxs/IhkMA
+qvBBgHGZUzHTrPcxPv3HFA99MQ3sOXbLxV28ilzt/IHyNb2XuP6IHqmgdOIKIdJq
+0ln+WsToJLSJQy0wm56PJjcV5pnh+99wNQxnUO8N4PME+y1pkauBJ++i3y4t86Jn
+hJJd2ViSnJQ6B4xe9+iaV1qxGNq/b35T7P38hUI3r5FmmX3k8OFScmpExuSJKkwy
+G2PS5Q9V8jgYKCDHFqzdhRNMsfFOaeA4y6wlf8Vs8EvvFgwZuNWMZHLXrkLdsk/S
+pmVSMQZB584+2y/LrUATKo72Whx3yXxNxBXLL3/vqHef2luCDQMgxVHnTEnczppA
+2ABhgqXCz5/RwYiOL1ZIXrHpvL/j1UmCyZBA695hBNOLtSDwBmVeFaMZpfsQqu/h
+624mbu/ifSYyXDtrd4XFISqSIEd1eAzXSQNS90UWzxQJQ13Yv57PBPnCvbUxWiuI
+UhkHfgldYLvoswZ8B6Eenfw4b2EguFEksaYtrdiJ1H4F2EHP5i/ecXMFfBZ6f5+G
+SDzkODUUnniIW3j6XQKRERWp5t1bSYopSWLI259ntmGHTe6zzRjCf4D2POJxA6cy
+NDBXd1xxMZnjhDXO8y4vg8MIp4WhvNMvBAOS85mb2cFbL3eYZDokFe0XhTjEklai
+YdLSTGa0aU2x5u6FDGulvSwBSuHknHFfk9ABOZ0bVpMr7pYWQ0M/lB+OdU+msbkx
+liMVyrnsZjTfYhv/X8HQUKy087i7D6FNtcmNENkJKN7AAjnDaPiBizdMVWNSKrEa
+ox+V1uWpXba0HFtl57V1c3FvuXYtpQ7vSk3BrJMtSkkWalWmCxE6df7nJeygG4tj
+CskvgR75N6TOiNK6C8gKXZbirufICH47hJHzPbfDK+Wwl+tccXqL+5rcqGpqaHGw
+ED3Y5QkqLuk0wCBiyyuEX4E+l/Is64dRaiahjqp2M/SA4zuk1kIhEPRGyN9W6jx4
+T3yocMdXq7N87O+gA5XW+TPZlDxZeGIJK2V1qWpuvdbBFbT/PEdXVbFhErEVs2Vp
+KIxWGYxeajOruPdHBAbLtJaWiqqG84QCglbd240eG7fXse+onVHa9r0mhIgBdzOa
+Keheq5Wrjf6Zk9ljnzCEl79Bg92ZTWwOmOsXAWVL0eHS9VOkuSfjIVhEP0D69fxE
+dOeMB5ECy5vlnejkRnM0jtfaRuM+7ZNydKAL0z3gKjnBzYotNu8qcw/Pf/+c5qy3
+M1kZGeY/y+wdj+vHC9Tmi8dk21+ZEuZJ8Yb0kvv3lSo5UHdv8OxxQyVQdXc8M/Nx
+ZiMo8lryBhNbK6AIguukcTUo7HXXLg7+M78H7VKq/syZJvBVU9RT0NU7Z+amFgh+
+YXQPnu5IUCPAxTIEU0f17GXMLLkp2rRNMLiJVGZmyD+BTkWhc7z+z4jgtR16gqUA
+GBBzYI3ZlOekfNEKIemLYn3AaPAB79myaJxVsy/9KzNj2xv3r2ClAF0EWJLnhMrq
+dqHqhxkqjTeDAfqJwNrxWJ7Wvp5I9uJ+a2wIyrY5gluhEcdiaw3ehB9/ykLAMvtQ
+lpntxcSG4bJTbVuDW/JNRQ==
+-----END ENCRYPTED PRIVATE KEY-----
+
+
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIRAIBVgErK4BCQMPt5R/MRR6kwDQYJKoZIhvcNAQELBQAw
+DzENMAsGA1UEAwwEdGVzdDAeFw0yMTExMDgwNzUxNTZaFw0yNDAyMTEwNzUxNTZa
+MA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDNujpXmw+b3VrDjKzwJC4gjjszbYayy4EAg0pPFkDNs+UdxX+Y50ug9W/zWxui
+axZNXFv+RsNYjg4T+expaDf2feB+i5UPcbqJsV0OynybngdXwkvjQpbvXkPq/hHy
+ODq0DOPiTCjiB7uaVmOYiJEV9SdNpdGIDElIJI9xjX0OSBvZlaR78rf2aJUMFC8Z
+jazFzZWsQpOrbmAzQJD2gE6oS/AP1NbAXfKP3cBBK3iWEmA358XMuno23grw5cmQ
+UT1mptG50rTTrcty+UZFM2VK4+mV7iM3krBrqJUCBgRrfkSpTjz9k1syTMNAJJ5S
+FNGsqsWIS4h1URyWJsLXdcZ7AgMBAAGjgZswgZgwCQYDVR0TBAIwADAdBgNVHQ4E
+FgQUjp4ln09TbR3WLAgDLGbDb5AWU5YwSgYDVR0jBEMwQYAUPwGq0LHvvgK4J9XB
+8b16BvFvj3OhE6QRMA8xDTALBgNVBAMMBHRlc3SCFHKh49rkvHCvUmEIiZqCEf+3
+1ND6MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0B
+AQsFAAOCAQEAAGfSk+Zpy/32n9/2WSAq9g8DurPaZd5iIzaijU8nIg49AYDZWc3F
+8Bqbxej0b+LHKfw3IS9vnbiM9m43ybFKDZ3lzQpLAQqYj0bpJJec73XdpPczfd8J
+80y2PDinLiYdaPmHmq5sYNneMvFpZpfLIIENtQF0tXOMhStac+rN5SUTRDokCgpy
+TULMC1rJlgUgN/sblRiNZv8Q+DrYA2xsN27eUVkIftEzEQh07fw/TRkAgoiflWam
+6fFzVeF6P66m4bdR35IoGUIdpaftueQA6qdV41USRV/54aUfE/HuGjHlrp0u793Y
+VrJ89roIQdsTFjEOXUGybZgB5EOi0TSekQ==
+-----END CERTIFICATE-----
+
+
+-----BEGIN CERTIFICATE-----
+MIIDNjCCAh6gAwIBAgIUcqHj2uS8cK9SYQiJmoIR/7fU0PowDQYJKoZIhvcNAQEL
+BQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMTExMDgwNzQ5MTBaFw0zMTExMDYwNzQ5
+MTBaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCibt8kh9lqTC0O631rPHN0kMQ4kMQ/eZ59mKhAJZ3rBchIBrQne2yTw2z+
+X1ESa3VTkW2jyJ5r7iuo+Xyc8246tfBwO3u0DJ2DeZZOYPzMg48nJNxs3ur3iXAT
+r6Aiwp0gtMNC2XcW7y5OPl8l+BhSt2PsWcdEdmLJgvRPJ2x+Ea8wivuw6FO6byK7
+Mxw7/CbNMw8Eey9eSz9kWDrgetS0kOgfqtt1ZnKDZkbLy8jFl0xW488VUrefUR1g
+lOje8QySjDvzT8sUR0lASyS+/J6j/3gLlSS42e4SxMz00jEus+ye56cO16Pc+vKI
+Xsev8cRPiSDTZTvc7Eaq/OcKVl11AgMBAAGjgYkwgYYwHQYDVR0OBBYEFD8BqtCx
+774CuCfVwfG9egbxb49zMEoGA1UdIwRDMEGAFD8BqtCx774CuCfVwfG9egbxb49z
+oROkETAPMQ0wCwYDVQQDDAR0ZXN0ghRyoePa5Lxwr1JhCImaghH/t9TQ+jAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXUrDhVAX
+TkbhKRBuhUGQb03RyACQKBFM/SwhrmwpQMXo7BUuqWJ27U5/TRHrfKJxDgppmwIs
+qmtrT07tA7e/OyFSZtZ9p/4H+5xM9FCsmu6YMQ3ZloHHGWmibrDNK70frVgRAEAS
+FyAsEgpKZCr6OJNd7v2dbvO4AniZVVvccU17cJAx177YC3fNIuRtpHkm93D3qI+1
+4SED7rktVfXUKs6RMFmqIum5WRzgiJBAtk2GVQMrAAu/xmUPS/aqzstNte4KQ+UY
+2qI9v1wYM8j+BT5nsBT02K+zOsYdkG39n7QEfcecPAjOkKsaFbSf/WZcsb6oCVgl
+d/Nz24kfh76SqQ==
+-----END CERTIFICATE-----
+
+key-direction 1
+
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+456226c4d5a6895c48dad7fd5d36ee57
+3eb280683fbbfe1699d63e9fd4e5ec5b
+70500489c3ec36e0c30d6b18f9c48b6b
+aede839a99d492fd26beb51317c08eb2
+ebb320a0b980da0b13a88e37559594f5
+03b21fa6d72548f7be5fdb41ad1de315
+82373a95c5c503c1101236f43a59ec68
+ddc9a83d4b4a4437f2db9e16bcbd433a
+5211d060bc8376f1efe99bbf2413e543
+4e4473d5028c95f33ad5df3637505c31
+bb7661b03e7d882c3ec1c5ca5f9c2277
+09e2e4323392efb0dff0abadbe6d6887
+27bddf4a2f7f795fe7c227813f76cac2
+9e919074c638ad36e5001a187d113c4b
+3faab93dde06734c15a198ad686a315a
+3e1f91612528d4f6c4281916625e54b1
+-----END OpenVPN Static key V1-----
+
+
diff --git a/tests/e2e/rte/oss-cluster-7-rs/Dockerfile b/tests/e2e/rte/oss-cluster-7-rs/Dockerfile
index 956d5394ad..b3f1a97011 100644
--- a/tests/e2e/rte/oss-cluster-7-rs/Dockerfile
+++ b/tests/e2e/rte/oss-cluster-7-rs/Dockerfile
@@ -1,11 +1,19 @@
FROM redislabs/rejson:1.0.8 as rejson
-FROM redislabs/redisearch:2.6.5 as redisearch
-
FROM redis:7.0.8
COPY redis.conf /etc/redis/
COPY --from=rejson /usr/lib/redis/modules/rejson.so /etc/redis/modules/
-COPY --from=redisearch /usr/lib/redis/modules/redisearch.so /etc/redis/modules/
+
+CMD ls -la
+RUN ls -la /etc/redis/modules
+
+ADD https://s3.amazonaws.com/redisinsight.test/public/rte/modules/redisearch-coord/redisearch-coord.so.tar.gz .
+
+RUN ls -la
+RUN ls -la /etc/redis/modules
+RUN tar -xvzf redisearch-coord.so.tar.gz && rm redisearch-coord.so.tar.gz && cp redisearch-coord.so /etc/redis/modules
+RUN ls -la
+RUN ls -la /etc/redis/modules
CMD [ "redis-server", "/etc/redis/redis.conf" ]
diff --git a/tests/e2e/rte/oss-cluster-7-rs/redis.conf b/tests/e2e/rte/oss-cluster-7-rs/redis.conf
index 3733dcdd32..1c7ab660d5 100644
--- a/tests/e2e/rte/oss-cluster-7-rs/redis.conf
+++ b/tests/e2e/rte/oss-cluster-7-rs/redis.conf
@@ -41,7 +41,7 @@
# it will abort. It is possible to use multiple loadmodule directives.
#
loadmodule /etc/redis/modules/rejson.so
-loadmodule /etc/redis/modules/redisearch.so
+loadmodule /etc/redis/modules/redisearch-coord.so
# loadmodule /path/to/other_module.so
################################## NETWORK #####################################
diff --git a/tests/e2e/vpn.docker-compose.yml b/tests/e2e/vpn.docker-compose.yml
new file mode 100644
index 0000000000..c93203db54
--- /dev/null
+++ b/tests/e2e/vpn.docker-compose.yml
@@ -0,0 +1,11 @@
+version: "3.4"
+
+services:
+ # openvpn server to reach private network from the host
+ openvpn:
+ extends:
+ file: ./rte/openvpn/docker-compose.yml
+ service: openvpn
+ networks:
+ default:
+ ipv4_address: 172.31.100.247