How do I add an external certificate to OpenVPN?

Where can I find an OpenVPN certificate?

OpenVPN certificates are typically found on certificate sellers' websites, which are the largest manufacturers of certificate authority (CA). If you're unable to find OpenVPN certificates anywhere on the web, perhaps your favorite CA makes one, or you may want to create your own.

The CA creates a certificate and places it onto an approved CRL (Certificate Revocation List) - which is a store listing revoked certificates - then distributes the certificate into other organizations who can create their own certificates that contain that private/public key association. This allows for a self-signed certificate, but the CA should confirm that its revocation lists for these certificates are being properly used in the industry. Many online services use their customers' public keys, but only if the customer has been verified by them before allowing access to their own network. This is why it's important to ensure that these companies are secure themselves - you should verify that your CA isn't a victim of fraud if you're going to entrust your credentials to their servers.

Your own local CA is more vulnerable to abuse if it is used. The more you trust someone else, the less likely you are to take precautions to ensure that their certificate was created in the public interest. It should only be used if no other alternatives were available.

A certificate seller like EV SSL or StartCom doesn't need to do any vetting of the CA that they sell the private/public key association for - they simply follow industry best practices and make money. Because the keys are trusted, they become a very attractive target to attackers, so it's a good idea to take extra precaution when dealing with one. Forcing encryption is an excellent defense in any instance where the data you are transmitting with an encrypted connection can be intercepted or tampered with, though it's also useful to have a means to inspect your incoming and outgoing traffic even without proper encryption enabled. Many routers allow for remote administration, allowing for advanced troubleshooting of any issues on the router or client device by the IT department or the end user. To keep your network safe, you'll need a router that allows the IT department to administer your devices remotely. For example, SonicWall supports Remote Management Console (RMC) in the management of SonicWALL hardware and applications, VPN configurations and policy setting. RMC is used to protect VPN connections; it allows administrators to remotely restart services, manage software installations and perform other administrative actions.

How to connect to OpenVPN with URL?

A friend of mine has asked me if I knew how to connect to OpenVPN using a URL.

I have been using OpenVPN for quite some time now, so I knew something about it, but after a few minutes research I realized he was asking the impossible. He wanted to connect using a URL, similar to this:
How do you guys (on Ubuntu 14.04) connect to OpenVPN servers using a URL instead of an IP address? Please point me in the right direction as I'm a noob to OpenVPN. Thank you.

In OpenVPN, openvpn-server-identify -d will give you the openvpn DNS name. Your vpn is still at 192.168.42, so you may need to map that DNS name to your own system:
Ip domain name mappings. As always, please be extremely careful with how you configure vpns, especially for non-managed systems.