It would be nice to have pkcs11 support when defining OpenVPN vtun interfaces. Currently it always requires cert-file and key-file directives.
Current situation example with cert-file and key-file (normal usage):
tls { ca-cert-file /config/auth/vpn/ca.crt cert-file /config/auth/vpn/vpn.crt key-file /config/auth/vpn/vpn.key }
Possible example when using a token with pkcs11:
openvpn-option "--pkcs11-providers /usr/lib/libeToken.so" tls { ca-cert-file /config/auth/vpn/ca.crt pkcs11-id "'SafeNet, Inc./eToken/0123abcd/eToken PRO Java/10809016BCD13550'" }