-
-
Save renatolfc/18e428b5a758df24455b to your computer and use it in GitHub Desktop.
| #!/bin/sh | |
| ## | |
| ## Usage: ./ovpn-writer.sh SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET > client.ovpn | |
| ## | |
| server=${1?"The server address is required"} | |
| cacert=${2?"The path to the ca certificate file is required"} | |
| client_cert=${3?"The path to the client certificate file is required"} | |
| client_key=${4?"The path to the client private key file is required"} | |
| tls_key=${5?"The path to the TLS shared secret file is required"} | |
| cat << EOF | |
| client | |
| dev tun | |
| remote ${server} | |
| resolv-retry infinite | |
| nobind | |
| persist-key | |
| persist-tun | |
| ca [inline] | |
| cert [inline] | |
| key [inline] | |
| tls-auth [inline] 1 | |
| verb 1 | |
| keepalive 10 120 | |
| port 1194 | |
| proto udp | |
| cipher BF-CBC | |
| comp-lzo | |
| remote-cert-tls server | |
| <ca> | |
| EOF | |
| cat ${cacert} | |
| cat << EOF | |
| </ca> | |
| <cert> | |
| EOF | |
| cat ${client_cert} | |
| cat << EOF | |
| </cert> | |
| <key> | |
| EOF | |
| cat ${client_key} | |
| cat << EOF | |
| </key> | |
| <tls-auth> | |
| EOF | |
| cat ${tls_key} | |
| cat << EOF | |
| </tls-auth> | |
| EOF |
The iOS OpenVPN client balks at the ovpn files produced by this.
Specifically, it doesn't like the lines with '[inline]' in them. To get it to work, I have to remove those lines while retaining the actual cert data encapsulated in their respective xml style angle brackets.
Additionally, I have to add a 'key-direction' line.
Forked - added server cipher and auth digest for those that have locked down the service a bit more and require clients to provide matching values.
Today i got similar problem. I wrote app on java which is able to find in current directory all the files *.conf, ca.crt, ta.key, *.crt and *.key and correctly joining to *.ovpn files with corresponding sections. If you need it, send my request to [email protected]
EDIT: See my fork which seems to be working on iOS 9.3.3.
@graysky2: Cannot find your fork.
I successfully created the client.ovpn file then ran this command openvpn3 session-start --config <absolute_path_to_client.ovpn> then it gave me this error config-import: ** ERROR ** ERR_PROFILE_GENERIC: [inline], [inline], [inline], [inline] what am i doing wrong please help me..
I successfully created the client.ovpn file then ran this command
openvpn3 session-start --config <absolute_path_to_client.ovpn>then it gave me this errorconfig-import: ** ERROR ** ERR_PROFILE_GENERIC: [inline], [inline], [inline], [inline]what am i doing wrong please help me..
Check https://gist.github.com/renatolfc/18e428b5a758df24455b#gistcomment-1764360. Syntax might have changed. You might be able to get away with removing the lines with [inline].
I successfully created the client.ovpn file then ran this command
openvpn3 session-start --config <absolute_path_to_client.ovpn>then it gave me this errorconfig-import: ** ERROR ** ERR_PROFILE_GENERIC: [inline], [inline], [inline], [inline]what am i doing wrong please help me..Check https://gist.github.com/renatolfc/18e428b5a758df24455b#gistcomment-1764360. Syntax might have changed. You might be able to get away with removing the lines with
[inline].
can you please provide the modified code file for this I tried to remove those [inline] thingy but it is still not working . any help will be appreciated thankx.
BTW I am using ubuntu 21.04
Thanks for this, its simple and just works :)