diff --git a/config/rootfiles/core/120/filelists/Net_SSLeay b/config/rootfiles/core/120/filelists/Net_SSLeay
new file mode 120000
index 000000000..13fe0560c
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/Net_SSLeay
@@ -0,0 +1 @@
+../../../common/Net_SSLeay
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/cyrus-sasl b/config/rootfiles/core/120/filelists/cyrus-sasl
new file mode 120000
index 000000000..bb51b4c92
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/cyrus-sasl
@@ -0,0 +1 @@
+../../../common/cyrus-sasl
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/files b/config/rootfiles/core/120/filelists/files
index 168c7d188..4baf08ebf 100644
--- a/config/rootfiles/core/120/filelists/files
+++ b/config/rootfiles/core/120/filelists/files
@@ -1,3 +1,5 @@
 etc/system-release
 etc/issue
+etc/fcron.daily/openvpn-crl-updater
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
 var/ipfire/langs
diff --git a/config/rootfiles/core/120/filelists/i586/openssl-sse2 b/config/rootfiles/core/120/filelists/i586/openssl-sse2
new file mode 120000
index 000000000..f424713d6
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/i586/openssl-sse2
@@ -0,0 +1 @@
+../../../../common/i586/openssl-sse2
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssh b/config/rootfiles/core/120/filelists/openssh
new file mode 120000
index 000000000..d8c77fd8e
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssh
@@ -0,0 +1 @@
+../../../common/openssh
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssl b/config/rootfiles/core/120/filelists/openssl
new file mode 120000
index 000000000..e011a9266
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssl
@@ -0,0 +1 @@
+../../../common/openssl
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssl-compat b/config/rootfiles/core/120/filelists/openssl-compat
new file mode 120000
index 000000000..c9fa42132
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssl-compat
@@ -0,0 +1 @@
+../../../common/openssl-compat
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openvpn b/config/rootfiles/core/120/filelists/openvpn
new file mode 120000
index 000000000..493f3f7a4
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openvpn
@@ -0,0 +1 @@
+../../../common/openvpn
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/python-typing b/config/rootfiles/core/120/filelists/python-typing
new file mode 120000
index 000000000..fc7f075a0
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/python-typing
@@ -0,0 +1 @@
+../../../common/python-typing
\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/wget b/config/rootfiles/core/120/filelists/wget
new file mode 120000
index 000000000..fcb57dfec
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/wget
@@ -0,0 +1 @@
+../../../common/wget
\ No newline at end of file
diff --git a/config/rootfiles/core/120/update.sh b/config/rootfiles/core/120/update.sh
index 9986316e9..c9bbd4723 100644
--- a/config/rootfiles/core/120/update.sh
+++ b/config/rootfiles/core/120/update.sh
@@ -42,7 +42,25 @@ ldconfig
 # Update Language cache
 /usr/local/bin/update-lang-cache
 
+# Changed and new OpenVPN-2.4 directives will wrote to server.conf and renew CRL while update an core update
+if [ -e /var/ipfire/ovpn/server.conf ]; then
+	openvpnctrl -k
+
+	# Update configuration directives
+	sed -i -e 's/script-security 3 system/script-security 3/' \
+		-e '/status .*/ a ncp-disable' /var/ipfire/ovpn/server.conf
+
+	# Update the OpenVPN CRL
+	openssl ca -gencrl -keyfile /var/ipfire/ovpn/ca/cakey.pem \
+		-cert /var/ipfire/ovpn/ca/cacert.pem \
+		-out /var/ipfire/ovpn/crls/cacrl.pem \
+		-config /var/ipfire/ovpn/openssl/ovpn.cnf
+
+	openvpnctrl -s
+fi
+
 # Start services
+/etc/init.d/apache restart
 
 # This update needs a reboot...
 touch /var/run/need_reboot