Page 1 of 2
OpenVPN Profile and iTunes
Posted: Sun Oct 08, 2017 7:32 pm
by borderliner
Hello.
I've just installed Gargoyle on my Archer C7 V2 router and wanted to begin with OpenVPN. I chose all the default settings for creating a VPN Server, and downloaded the installation file for my iPhone.
How do I get it onto my OpenVPN app on the phone? iTunes doesn't seem to manage apps anymore. The iPhone won't recognize the zip file as an OpenVPN option, and if I try to import the several files manually, one at a time, the phone app say the others are missing--which they are!
Re: OpenVPN Profile and iTunes
Posted: Sun Oct 08, 2017 10:42 pm
by Lantis
Can you use iCloud Drive?
This was included in iOS 11
Re: OpenVPN Profile and iTunes
Posted: Mon Oct 09, 2017 12:25 am
by ispyisail
I know the answer to this one.
Many years ago OpenVPN had separate files to form a config/connection.
Eric very wisely combined all these files into one zip file (many years ago)
Sometime after this OpenVPN has changed to a single file format. Basically all the information is now in one file (same information)
https://www.digitalocean.com/community/ ... untu-16-04
If you look down toward the bottom of this how-to under "Creating a Configuration Generation Script" It shows how-to combine all the files into one file via a script.
If you are careful you can manually create this file via a sample file.
your iphone needs the single file
Re: OpenVPN Profile and iTunes
Posted: Mon Oct 09, 2017 1:18 am
by ispyisail
Code: Select all
#!/bin/bash
# First argument: Client identifier
KEY_DIR=~/openvpn-ca/keys
OUTPUT_DIR=~/client-configs/files
BASE_CONFIG=~/client-configs/base.conf
cat ${BASE_CONFIG} \
<(echo -e '<ca>') \
${KEY_DIR}/ca.crt \
<(echo -e '</ca>\n<cert>') \
${KEY_DIR}/${1}.crt \
<(echo -e '</cert>\n<key>') \
${KEY_DIR}/${1}.key \
<(echo -e '</key>\n<tls-auth>') \
${KEY_DIR}/ta.key \
<(echo -e '</tls-auth>') \
> ${OUTPUT_DIR}/${1}.ovpn
Re: OpenVPN Profile and iTunes
Posted: Mon Oct 09, 2017 2:42 am
by ispyisail
I tried to get this to work but I need someone more skilled than me
Code: Select all
#!/bin/bash
# First argument: Client identifier
KEY_DIR=/etc/openvpn/client_conf
OUTPUT_DIR=/tmp
BASE_CONFIG=/etc/openvpn/client_conf
cat ${BASE_CONFIG}/${1}/${1}.conf \
< echo -e '<ca>' \
${KEY_DIR}/${1}/ca.crt \
< echo -e '</ca>\n<cert>' \
${KEY_DIR}/${1}/${1}.crt \
< echo -e '</cert>\n<key>' \
${KEY_DIR}/${1}/${1}.key \
< echo -e '</key>\n<tls-auth>' \
${KEY_DIR}/${1}/ta.key \
< echo -e '</tls-auth>' \
> ${OUTPUT_DIR}/${1}1.ovpn
Won't let me create a file
Code: Select all
make_config.sh: line 19: can't open echo: no such file
Re: OpenVPN Profile and iTunes
Posted: Tue Oct 10, 2017 4:09 am
by Lantis
ispyisail wrote:
Won't let me create a file
Code: Select all
make_config.sh: line 19: can't open echo: no such file
Code: Select all
#!/bin/bash
# First argument: Client identifier
KEY_DIR=/etc/openvpn/client_conf
OUTPUT_DIR=/tmp
BASE_CONFIG=/etc/openvpn/client_conf
cat << EOF > ${OUTPUT_DIR}/${1}.ovpn
$(cat ${BASE_CONFIG}/${1}/${1}.conf)
$(echo -e '<ca>')
$(cat ${KEY_DIR}/${1}/ca.crt)
$(echo -e '</ca>\n<cert>')
$(cat ${KEY_DIR}/${1}/${1}.crt)
$(echo -e '</cert>\n<key>')
$(cat ${KEY_DIR}/${1}/${1}.key)
$(echo -e '</key>\n<tls-auth>')
$(cat ${KEY_DIR}/${1}/ta.key)
$(echo -e '</tls-auth>')
EOF
Try this out. Bit uglier, but it will do the job.
Can you also please explain the use case for this? When and why it needs to be done?
I can put it into the UI if i understand it and it will be a common case?
Would need to clean it up and protect the script but it works
Re: OpenVPN Profile and iTunes
Posted: Tue Oct 10, 2017 4:47 am
by ispyisail
I'm having trouble finding references except the web site listed above
From my understanding.....
Compile our base configuration with the relevant certificate, key, and encryption files
Basically Android phones, iphones and windows clients are now looking for one file instead of many files. (all the files are combined into one)
Re: OpenVPN Profile and iTunes
Posted: Tue Oct 10, 2017 4:53 am
by ispyisail
Re: OpenVPN Profile and iTunes
Posted: Tue Oct 10, 2017 4:58 am
by ispyisail
In the comments for the original post
Worked like a charm ! thanks a lot.. I think this is must if you want to use the profile on openVPN iphone app. Thanks a lot for sharing !
Re: OpenVPN Profile and iTunes
Posted: Tue Oct 10, 2017 7:29 am
by Lantis
I've hashed something out on my own router as a test. Works fine. I've never used openvpn before so i'll need to test it before pushing. Unless you want to take a look?
Replace contents of /www/utility/openvpn_download_creditials.sh with:
https://pastebin.com/4EaCvbNM
Replace contents of /www/js/openvpn.js with:
https://pastebin.com/ciPCuLvF
Replace contents of /www/i18n/English-EN/openvpn.js with:
https://pastebin.com/5404ip6k
Careful with the i18n one. Recommend only copy pasting everything after the header:
Code: Select all
/*
* UTF-8 (with BOM) English-EN text strings for OpenVPN elements
*/
and leaving the original header in tact. There is a special byte order marker at the beginning of the file which you may accidentally delete