1. The Web Interface
  2. Services
  3. OpenVPN on IPFire
  4. Configure iOS Device for OpenVPN
  5. Manual Method to create a unified `.ovpn` file

Manual Method to create a unified .ovpn file

There are five(5) sections to a unified .ovpn file:

  1. The OpenVPN client conf section
    • The file is obtained from the Download Client Package (zip) above.
    • Download and copy the .ovpn file to a new file. Let's call it myPhone.ovpn.
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
key-direction bidirectional
<ca>
  1. The Root Certificate (ca directive)
    • Open the OpenVPN webpage (Service > OpenVPN), scroll down to the Certificate Authorities and -Keys
    • Download the Root Certificate by clicking on the floppy disk. Locate the cacert.pem file in the Downloads folder.
    • Copy the contents of cacert.pem to end of the myPhone.ovpn
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</ca>
<cert>
  1. The Host Certificate (cert directive)
    • Open the OpenVPN webpage (Service > OpenVPN), scroll down to Certificate Authorities and -Keys
    • Locate the Host Certificate and click on the Show host certificate icon (the blue circle i)
    • Scroll to the bottom of the OpenVPN - Host Certificate webpage
    • Copy all of the lines from -----BEGIN CERTIFICATE----- to the end
    • Paste those lines at the end of the myPhone.ovpn file
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</cert>
<key>
  1. The Encrypted Private Key (key)
    • The myPhone.p12 file is obtained from the Download Client Package (zip) above.
    • In the terminal, go to the directory where the myPhone.p12 file is located and enter:
PKCS12_PW=<PKCS12 File Password>  # mentioned above in Preparations
openssl pkcs12 -nocerts -in iPhone.p12 -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW
  1. (continued)
    • Copy all of the lines from -----BEGIN CERTIFICATE----- to the end
    • Paste those lines at the end of the myPhone.ovpn file
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</key>
<tls-auth>
  1. The TA key (tls-auth)
    • The ta.key file is obtained from the Download Client Package (zip) above.
    • Copy the contents of ta.key to end of the myPhone.ovpn
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</tls-auth>

To install the .ovpn unified file, follow the steps here.

Done creating the unified ovpn file! The myPhone.ovpn file should look similar to the file below.

Example iphone.ovpn
Example iphone.ovpn

Edit Page ‐ Yes, you can edit!

Older Revisions • January 23 at 11:57 pm • Jon