diff --git a/config.ml b/config.ml index 2504019..1e308ec 100644 --- a/config.ml +++ b/config.ml @@ -1,5 +1,7 @@ +(* mirage >= 4.5.0 & < 4.6.0 *) open Mirage +(* xenstore id 51712 is the root volume *) let block = block_of_xenstore_id "51712" let config = tar_kv_ro block let ethernet = etif default_network @@ -10,8 +12,10 @@ let ipv4_only = Runtime_arg.ipv4_only ~group:"sys-net" () let ipv6_only = Runtime_arg.ipv4_only ~group:"sys-net" () let stack = direct_stackv4v6 ~ipv4_only ~ipv6_only default_network ethernet arp ipv4 ipv6 +let config_key = runtime_arg ~pos:__POS__ "Unikernel.config_key" + let main = - main ~runtime_args:[] + main ~runtime_args:[ config_key ] ~packages: [ package "vchan" ~min:"4.0.2"; diff --git a/qubes-miragevpn.sha256 b/qubes-miragevpn.sha256 index 0311878..43efe5e 100644 --- a/qubes-miragevpn.sha256 +++ b/qubes-miragevpn.sha256 @@ -1 +1 @@ -c38251c9c0e72e891b0bffeba3ab4a14244360df3eaea4b87af778e299f1d2b7 ./dist/qubes-miragevpn.xen +2959804554bc7bca62d391355086abe80ffe37c35ce3c016eba0320a3077d0e0 ./dist/qubes-miragevpn.xen diff --git a/unikernel.ml b/unikernel.ml index bd7b215..29c198d 100644 --- a/unikernel.ml +++ b/unikernel.ml @@ -1,6 +1,10 @@ let ( let* ) = Lwt.bind let ( % ) f g = fun x -> f (g x) +let config_key = + let doc = Cmdliner.Arg.info ~doc:"OpenVPN config filename." [ "config_key" ] in + Cmdliner.Arg.(value & opt string "/config.ovpn" doc) + module Main (R : Mirage_random.S) (M : Mirage_clock.MCLOCK) 
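Review bot: The `config_key` term added at the top of unikernel.ml accepts any string and documents it only as a "filename", yet the later hunk passes it straight to `Mirage_kv.Key.v`. The doc should say it is a key inside the tar archive on the root volume, for example `~doc:"Key of the OpenVPN configuration inside the root-volume tarball (default /config.ovpn)."`. If `Mirage_kv.Key.v` raises on a malformed key (worth confirming for the mirage-kv version in use), a typo in the boot argument would abort the unikernel before the new log hint is printed. Checking the string in a Cmdliner converter would turn that into a clear argument error. As a style point, Cmdliner option names are usually hyphenated, `[ "config-key" ]`.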
@@ -267,17 +271,19 @@ struct (* TODO(dinosaure): should report ICMP error message to src. *) ingest_private t end - let openvpn_configuration disk = - let* contents = KV.get disk (Mirage_kv.Key.v "/config.ovpn") in + let openvpn_configuration disk config_key = + let* contents = KV.get disk (Mirage_kv.Key.v config_key) in match contents with - | Error _ -> Fmt.failwith "No OpenVPN configuration found" + | Error _ -> + Logs.err(fun m -> m "Expected configuration file '%s' is absent in the root volume.\nTry to run in dom0:\n qvm-volume import mirage-vpn:root vpn.tar\nwith the tarball containing the requested configuration file." config_key); + Fmt.failwith "No OpenVPN configuration found" | Ok contents -> ( let string_of_file _ = Error (`Msg "Impossible to load extra files") in match Miragevpn.Config.parse_client ~string_of_file contents with | Ok cfg -> Lwt.return cfg | Error _ -> Fmt.failwith "Invalid OpenVPN configuration") - let start _random _mclock _pclock _time qubesDB vif0 disk = + let start _random _mclock _pclock _time qubesDB vif0 disk config_key = Logs.debug (fun m -> m "Start the unikernel"); let shutdown = let* value = Xen_os.Lifecycle.await_shutdown_request () in @@ -289,7 +295,7 @@ struct Ipaddr.V4.pp (fst cfg.Dao.dns) Ipaddr.V4.pp (snd cfg.Dao.dns)); let clients = Clients.create cfg in - let* config = openvpn_configuration disk in + let* config = openvpn_configuration disk config_key in Logs.debug (fun m -> m "OpenVPN configuration loaded"); let* ovpn = O.connect config vif0 in match ovpn with
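Review bot: In `openvpn_configuration`, the new `Error _` branch reports the file as absent for every `KV.get` failure, so a read error or a damaged tarball on the root volume would point the operator at the wrong cause. Bind the error and print it, e.g. `| Error e -> Logs.err (fun m -> m "Cannot read '%s' from the root volume: %a" config_key KV.pp_error e);` (assuming `KV` exposes the usual `pp_error`), and keep the `qvm-volume import` hint for the not-found case only. The hint also hard-codes the qube name `mirage-vpn` and the file name `vpn.tar`, which will mislead anyone whose qube is named differently; a placeholder such as `<qube-name>:root` would be safer. The enclosing module body starts and ends outside the hunk.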