Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Differences in Revisions: Manual Method to create a unified `.ovpn` file

corrected links
# Manual Method to create a unified `.ovpn` file
**[Back to OpenVPN main page](/configuration/services/openvpn)**
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
**Work in Progress... Work in Progress... Work in Progress... Work in Progress... Work in Progress...**
 
There are five(5) sections to a unified `.ovpn` file:
 
1. The OpenVPN client conf section
* The file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios_v2#download-client-package) above.
* The file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* Download and copy the `.ovpn` file to a new file. Let's call it `myPhone.ovpn`.
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
 
```
key-direction bidirectional
<ca>
```
2. The Root Certificate (ca directive)
* Open the OpenVPN webpage (**Service** > **OpenVPN**), scroll down to the **Certificate Authorities and -Keys**
* Download the **Root Certificate** by clicking on the floppy disk. Locate the `cacert.pem` file in the Downloads folder.
* Copy the contents of `cacert.pem` to end of the `myPhone.ovpn`
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</ca>
<cert>
```
3. The Host Certificate (cert directive)
* Open the OpenVPN webpage (**Service** > **OpenVPN**), scroll down to **Certificate Authorities and -Keys**
* Locate the **Host Certificate** and click on the *Show host certificate* icon (the blue circle i)
* Scroll to the bottom of the **OpenVPN - Host Certificate** webpage
* Copy all of the lines from `-----BEGIN CERTIFICATE-----` to the end
* Paste those lines at the end of the `myPhone.ovpn` file
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</cert>
<key>
```
 
4. The Encrypted Private Key (key)
* The `myPhone.p12` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios_v2#download-client-package) above.
* The `myPhone.p12` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* In the terminal, go to the directory where the `myPhone.p12` file is located and enter:
 
```
PKCS12_PW=<PKCS12 File Password> # mentioned above in Preparations
openssl pkcs12 -nocerts -in iPhone.p12 -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW
```
4. (continued)
* Copy all of the lines from `-----BEGIN CERTIFICATE-----` to the end
* Paste those lines at the end of the `myPhone.ovpn` file
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</key>
<tls-auth>
```
5. The TA key (tls-auth)
* The `ta.key` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios_v2#download-client-package) above.
* The `ta.key` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* Copy the contents of `ta.key` to end of the `myPhone.ovpn`
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</tls-auth>
```
 
To install the `.ovpn` unified file, follow the steps [here](/configuration/services/openvpn/ios/ios_itunes).
 
Done creating the unified ovpn file! The `myPhone.ovpn` file should look similar to the file below.
 
![](../ios/iphone_example.ovpn.png "Example iphone.ovpn")
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
**[Back to OpenVPN main page](/configuration/services/openvpn)**