We have successfully extracted private key material multiple times from an OpenVPN server by exploiting the Heartbleed Bug. The material we found was sufficient for us to recreate the private key and impersonate the server.
As you may know, OpenVPN has an SSL/TLS mode where certificates are used for authentication. OpenVPN multiplexes the SSL/TLS session used for authentication and key exchange with the actual encrypted tunnel data stream. The default TLS library for OpenVPN is OpenSSL. Since OpenVPN uses the OpenSSL library but merely passes through the TLS traffic to OpenSSL, this means that OpenVPN is exploitable using Heartbleed, in theory. However, until now there hasn't been any solid evidence that private key material can be extracted from OpenVPN just like it has from some web servers.
This was the server setup we used:
Ubuntu 12.04 (VM using KVM)
Our exploit is decently weaponized, and while the code is an abomination that even Eris would be embarrassed to present, we believe it may severely impact those who have not already upgraded. Therefore, we will not be publishing the code. Nevertheless, you should assume that other teams with more nefarious purposes have already created weaponized exploits for OpenVPN. Just to be clear, we don't intend to use this exploit ourselves. We merely developed it to examine the practical impact on OpenVPN as part of our incident investigation.
To our knowledge there is currently one published proof of concept script that checks an OpenVPN server's vulnerability to Heartbleed.
Private questions that are not requests for the exploit can be emailed to firstname.lastname@example.org or email@example.com (PGP: 0x2C62E8AE).
Fredrik Strömberg, Co-founder of Mullvad
(edit: Formatting, because I'm a HN noob.)
(edit[?]: Giving up on the formatting.)