Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire.

Please join in and help us improving it!

Differences in Revisions: Scripted Method to create a unified `.ovpn` file

corrected openvpncmd.sh command and instructions
# Scripted Method to create a unified `.ovpn` file
**[Back to OpenVPN main page](/configuration/services/openvpn)**
 
[Back to Configure iPhone main page](/configuration/services/openvpn/ios)
 
**Work in Progress... Work in Progress... Work in Progress... Work in Progress... Work in Progress...**
 
Includes the five sections in the [Manual Method](/configuration/services/openvpn/ios/ios_manual) all in an easy to run script.
 
## Installation on IPFire
There is **no web interface** for this script. To run the script open the client console or terminal and access the IPFire box via [SSH](/configuration/system/ssh).
 
Once connected via SSH, create a directory for creating .ovpn files with this script. Example:
 
```
mkdir /root/ios
cd /root/ios
```
 
Locate the the `<ovpn_file>.ovpn` file obtained from the [**Download Client Package (zip)**](/configuration/services/openvpn/ios#download-client-package) and copy the file to the `/root/ios` directory on the IPFire box.
 
Copy the code below to a file named `openvpncmd.sh` into the same directory:
 
```bash
#!/bin/bash
set -e
#set -x
# OpenVPN script for IPCop/iOS, www.magnuswedberg.com
#
# Launch via:
# openvpncmd ovpn_file password(PKCS12 File Password)
#
# $1 param = YourNewOpenVPNfile.ovpn
# $2 param = PKCS12 Password
#
 
if (( $# < 2 )); then
# TODO: print usage
echo "Usage: openvpncmd ovpn_file password(PKCS12 File Password)"
exit 1
fi
 
cp "$1" tmp.ovpn
PKCS12_PW="$2" # PKCS12 File Password
 
# Convert windows file to linux file (drop Carriage Returns)
sed -i 's/\r$//g' tmp.ovpn
 
# get key & value from input ovpn file
while IFS=" " read -r key value remainder
do
#echo "key=$key" ; echo "value=$value" ; echo "remainder=$remainder" ; echo
case "$key" in
verify-x509-name )
RedIPaddr="$value"
;;
*pkcs12 )
pkcs12File="$value"
;;
esac
done < tmp.ovpn
 
# Comment out the "tls-auth ta.key" line and the "pkcs12 *.p12" line
sed -i -E -e 's/^tls-auth /#tls-auth /' -e 's/^pkcs12 /#pkcs12 /' tmp.ovpn
 
p12File=/var/ipfire/ovpn/certs/"$pkcs12File"
FILE="$p12File"
 
fn=$(basename "$FILE")
 
#bn="${fn%%.*}"
ovpnFile="${fn%%.*}".ovpn
 
cp tmp.ovpn $ovpnFile
rm tmp.ovpn
echo "key-direction bidirectional" >> $ovpnFile
 
 
echo "<ca>" >> $ovpnFile
cat /var/ipfire/ovpn/ca/cacert.pem | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile
echo "</ca>" >> $ovpnFile
 
echo "<cert>" >> $ovpnFile
openssl pkcs12 -in $p12File -clcerts -nokeys -password pass:$PKCS12_PW | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile
echo "</cert>" >> $ovpnFile
 
echo "<key>" >> $ovpnFile
openssl pkcs12 -nocerts -in $p12File -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW | sed '/^-----BEGIN ENCRYPTED PRIVATE KEY-----/,$!d' >> $ovpnFile
echo "</key>" >> $ovpnFile
 
echo "<tls-auth>" >> $ovpnFile
cat /var/ipfire/ovpn/certs/ta.key | sed '/^-----BEGIN OpenVPN Static key V1-----/,$!d' >> $ovpnFile
echo "</tls-auth>" >> $ovpnFile
 
#echo "ovpn file = "
#cat $ovpnFile; echo
exit
```
 
Once copied and saved, enter:
 
```
chmod +x openvpncmd.sh
```
 
and to run the command enter:
 
```
openvpncmd.sh <ovpn_file>.ovpn <PKCS12 File Password>
./openvpncmd.sh <ovpn_file>.ovpn <PKCS12 File Password>
```
 
Now install the new `.ovpn` unified file onto the iDevice follow the steps [here](/configuration/services/openvpn/ios/ios_itunes).
Copy the newly created `.ovpn` unified file from the IPFire to the client computer. And now install the new `.ovpn` unified file onto the iDevice follow the steps [here](/configuration/services/openvpn/ios/ios_itunes).
 
| | |
|---|---:|
| [Back to Configure iPhone main page](/configuration/services/openvpn/ios) | [Next to Install .ovpn file](/configuration/services/openvpn/ios/ios_itunes) |
| | |
| **[Back to OpenVPN main page](/configuration/services/openvpn)** | |
 
##Links
* Inspiration from [Magnus Wedberg - How to use iDevices and OpenVPN with your IPCop](http://www.magnuswedberg.com/index.php?doc=IpCop_OpenVPN_and_iOS)