5

Can I use the same paid SSL certificate for OpenVPN and Apache?

UPDATE: The purpose is to get Estonian National ID card support for both, so that one, using this smart card, may authenticate himself with his personal PIN code to Apache for accessing restricted web pages and also authenticate himself to the OpenVPN server using the same PIN. The issuer of the certificate is okay with this.

Henno

3 Answers

4

Yes, it should be technically possible. Remember, there's nothing magical about an SSL certificate. As far as Apache, OpenVPN or any other application is concerned, your SSL certificate is just a bunch of pseudo-random bits.

Whether or not this is a good idea depends upon your goals. More details would be helpful.

It also occurs to me that this might violate the terms under which you purchased your signed SSL certificate from your 3rd party. Again, more details would be helpful.

  • 2
    Re "just a bunch of pseudo-random bits": The certificate *does* have to have the appropriate key usage (*serverAuth*; for OpenVPN *nsCertType=server* is needed too). – user1686 Mar 05 '11 at 19:38
  • @grawity. Ahh, right you are. –  Mar 05 '11 at 22:04
3

You may be better off using a local certificate authority for OpenVPN. This will give you better access control. You can limit access to clients signed by that authority.

It is unlikely you will be able to sign certificates for clients with your paid certificates. Signing certificates are usually significantly more expensive.

You can use your paid certificates for other servers such as LDAP, SMTP, IMAP, and POP as long as the domain matches the certificate. As with any other servers, ensure you secure these services before enabling them over the network.

BillThor
1

I believe the only thing you'd have to worry about is making sure the key usage and extended key usage on your cert match any key usage restrictions you've configured for OpenVPN.

Cakemox
  • Could you point to some documentation covering those areas? What should I tell the issuer? – Henno Mar 29 '11 at 18:05
  • 1
    http://openvpn.net/index.php/open-source/documentation/howto.html#secnotes - that gives you some idea of how the key usages can be used with OpenVPN. You can ask your issuer which key usage attributes will be set on your certificate. – Cakemox Mar 29 '11 at 18:52
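
The key usage point raised in the answers and comments above can be checked before deploying a certificate. The following is an added example, not part of the original thread: it parses the extension section printed by `openssl x509 -noout -text` and reports which peer-certificate checks a server certificate would pass. The two sample dumps and the function names are constructed for illustration, and the HTTPS rule assumes the usual behaviour that a missing EKU extension places no restriction.

```python
import re

# Constructed sample: extension section of `openssl x509 -noout -text` for a
# hypothetical paid server certificate (no Netscape Cert Type extension).
SAMPLE_PAID_CERT = """\
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name:
                DNS:vpn.example.org
"""

# Constructed sample: the same certificate as a local CA might issue it,
# with nsCertType set.
SAMPLE_LOCAL_CA_CERT = SAMPLE_PAID_CERT + """\
            Netscape Cert Type:
                SSL Server
"""

HEADER = re.compile(r"\s*(X509v3 (?:Extended )?Key Usage|Netscape Cert Type):")


def parse_extensions(text):
    """Map extension name -> set of values from openssl's text dump."""
    exts = {}
    lines = text.splitlines()
    for i, line in enumerate(lines[:-1]):
        m = HEADER.match(line)
        if m:  # the values sit on the line after the extension header
            exts[m.group(1)] = {v.strip() for v in lines[i + 1].split(",")}
    return exts


def check_server_cert(text):
    """Return which peer-certificate checks this server certificate passes."""
    exts = parse_extensions(text)
    eku = exts.get("X509v3 Extended Key Usage")
    server_auth = "TLS Web Server Authentication"
    return {
        # Assumption: no EKU means unrestricted; otherwise serverAuth is needed.
        "https_server": eku is None or server_auth in eku,
        # OpenVPN client option: remote-cert-eku "TLS Web Server Authentication"
        "openvpn_remote_cert_eku": eku is not None and server_auth in eku,
        # OpenVPN client option: ns-cert-type server
        "openvpn_ns_cert_type": "SSL Server" in exts.get("Netscape Cert Type", set()),
    }
```

On the constructed paid certificate the HTTPS and `remote-cert-eku` checks pass while `ns-cert-type server` fails, which is the mismatch to look for when an OpenVPN client configuration enforces that option.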