Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Differences in Revisions: Scripted Method to create a unified `.ovpn` file

added links for next page
# Scripted Method to create a unified `.ovpn` file
**[Back to OpenVPN main page](/configuration/services/openvpn)**
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
**Work in Progress... Work in Progress... Work in Progress... Work in Progress... Work in Progress...**
 
Includes the five sections in the [Manual Method](/configuration/services/openvpn/ios/ios_manual) all in an easy to run script.
 
## Installation on IPFire
There is **no web interface** for this script. To run the script open the client console or terminal and access the IPFire box via [SSH](/configuration/system/ssh).
 
Once connected via SSH, create a directory for creating .ovpn files with this script. Example:
 
```
mkdir /root/ios
cd /root/ios
```
 
Locate the the `<ovpn_file>.ovpn` file obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) and copy the file to the `/root/ios` directory on the IPFire box.
 
Copy the code below to a file named `openvpncmd.sh` into the same directory:
 
```bash
#!/bin/bash
set -e
#set -x
# OpenVPN script for IPCop/iOS, www.magnuswedberg.com
#
# Launch via:
# openvpncmd ovpn_file password(PKCS12 File Password)
#
# $1 param = YourNewOpenVPNfile.ovpn
# $2 param = PKCS12 Password
#
 
if (( $# < 2 )); then
# TODO: print usage
echo "Usage: openvpncmd ovpn_file password(PKCS12 File Password)"
exit 1
fi
 
cp "$1" tmp.ovpn
PKCS12_PW="$2" # PKCS12 File Password
 
# Convert windows file to linux file (drop Carriage Returns)
sed -i 's/\r$//g' tmp.ovpn
 
# get key & value from input ovpn file
while IFS=" " read -r key value remainder
do
#echo "key=$key" ; echo "value=$value" ; echo "remainder=$remainder" ; echo
case "$key" in
verify-x509-name )
RedIPaddr="$value"
;;
*pkcs12 )
pkcs12File="$value"
;;
esac
done < tmp.ovpn
 
# Comment out the "tls-auth ta.key" line and the "pkcs12 *.p12" line
sed -i -E -e 's/^tls-auth /#tls-auth /' -e 's/^pkcs12 /#pkcs12 /' tmp.ovpn
 
p12File=/var/ipfire/ovpn/certs/"$pkcs12File"
FILE="$p12File"
 
fn=$(basename "$FILE")
 
#bn="${fn%%.*}"
ovpnFile="${fn%%.*}".ovpn
 
cp tmp.ovpn $ovpnFile
rm tmp.ovpn
echo "key-direction bidirectional" >> $ovpnFile
 
 
echo "<ca>" >> $ovpnFile
cat /var/ipfire/ovpn/ca/cacert.pem | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile
echo "</ca>" >> $ovpnFile
 
echo "<cert>" >> $ovpnFile
openssl pkcs12 -in $p12File -clcerts -nokeys -password pass:$PKCS12_PW | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile
echo "</cert>" >> $ovpnFile
 
echo "<key>" >> $ovpnFile
openssl pkcs12 -nocerts -in $p12File -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW | sed '/^-----BEGIN ENCRYPTED PRIVATE KEY-----/,$!d' >> $ovpnFile
echo "</key>" >> $ovpnFile
 
echo "<tls-auth>" >> $ovpnFile
cat /var/ipfire/ovpn/certs/ta.key | sed '/^-----BEGIN OpenVPN Static key V1-----/,$!d' >> $ovpnFile
echo "</tls-auth>" >> $ovpnFile
 
#echo "ovpn file = "
#cat $ovpnFile; echo
exit
```
 
Once copied and saved, enter:
 
```
chmod +x openvpncmd.sh
```
 
and to run the command enter:
 
```
openvpncmd.sh <ovpn_file>.ovpn <PKCS12 File Password>
```
 
Now install the new `.ovpn` unified file onto the iDevice follow the steps [here](/configuration/services/openvpn/ios/ios_itunes).
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
| | |
|---|---:|
| [Back to Configure iPhone main page](/configuration/services/openvpn/ios) | [Next to Install .ovpn file](/configuration/services/openvpn/ios/ios_itunes) |
| | |
**[Back to OpenVPN mainpage](/configuration/services/openvpn)**
| **[Back to OpenVPN main page](/configuration/services/openvpn)** | |
 
##Links
* Inspiration from [Magnus Wedberg - How to use iDevices and OpenVPN with your IPCop](http://www.magnuswedberg.com/index.php?doc=IpCop_OpenVPN_and_iOS)