Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire.

Please join in and help us improving it!

Differences in Revisions: Manual Method to create a unified `.ovpn` file

add links to next page
# Manual Method to create a unified `.ovpn` file
**[Back to OpenVPN main page](/configuration/services/openvpn)**
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
**Work in Progress... Work in Progress... Work in Progress... Work in Progress... Work in Progress...**
 
There are five(5) sections to a unified `.ovpn` file:
 
1. The OpenVPN client conf section
* The file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* Download and copy the `.ovpn` file to a new file. Let's call it `myPhone.ovpn`.
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
 
```
key-direction bidirectional
<ca>
```
2. The Root Certificate (ca directive)
* Open the OpenVPN webpage (**Service** > **OpenVPN**), scroll down to the **Certificate Authorities and -Keys**
* Download the **Root Certificate** by clicking on the floppy disk. Locate the `cacert.pem` file in the Downloads folder.
* Copy the contents of `cacert.pem` to end of the `myPhone.ovpn`
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</ca>
<cert>
```
3. The Host Certificate (cert directive)
* Open the OpenVPN webpage (**Service** > **OpenVPN**), scroll down to **Certificate Authorities and -Keys**
* Locate the **Host Certificate** and click on the *Show host certificate* icon (the blue circle i)
* Scroll to the bottom of the **OpenVPN - Host Certificate** webpage
* Copy all of the lines from `-----BEGIN CERTIFICATE-----` to the end
* Paste those lines at the end of the `myPhone.ovpn` file
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</cert>
<key>
```
 
4. The Encrypted Private Key (key)
* The `myPhone.p12` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* In the terminal, go to the directory where the `myPhone.p12` file is located and enter:
 
```
PKCS12_PW=<PKCS12 File Password> # mentioned above in Preparations
openssl pkcs12 -nocerts -in iPhone.p12 -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW
```
4. (continued)
* Copy all of the lines from `-----BEGIN CERTIFICATE-----` to the end
* Paste those lines at the end of the `myPhone.ovpn` file
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</key>
<tls-auth>
```
5. The TA key (tls-auth)
* The `ta.key` file is obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) above.
* Copy the contents of `ta.key` to end of the `myPhone.ovpn`
* Scroll to the end of the `myPhone.ovpn` file add the two lines below:
```
</tls-auth>
```
 
To install the `.ovpn` unified file, follow the steps [here](/configuration/services/openvpn/ios/ios_itunes).
 
Done creating the unified ovpn file! The `myPhone.ovpn` file should look similar to the file below.
 
![](../ios/iphone_example.ovpn.png "Example iphone.ovpn")
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
| | |
|---|---:|
| [Back to Configure iPhone main page](/configuration/services/openvpn/ios) | [Next to Install .ovpn file](/configuration/services/openvpn/ios/ios_itunes) |
| | |
**[Back to OpenVPN main page](/configuration/services/openvpn)**
| **[Back to OpenVPN main page](/configuration/services/openvpn)** | |