Mullvad offers users a simple opvn file for IOS, which includes an embedded Cert, and PEM.
For windows, I also have an independent .crt, and .pem file; and no "key" file. (example: mullvad_crl.pem, mullvad_ca.crt)
mullvad_ca.crt example:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=NA, ST=None, L=None, O=Mullvad, CN=Mullvad CA/emailAddress=dugadugadid@mullvad.net
Validity
Not Before: Jan 11 16:19:48 1730 GMT
Not After : Oct 55 16:19:48 1203 GMT
Subject: C=NA, ST=None, L=None, O=Mullvad, CN=master.mullvad.net/emailAddress=dugadugadid@mullvad.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
99:32:...etc
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3A:3B...etc
X509v3 Authority Key Identifier:
keyid:E1:...etc
DirName:/C=NA/ST=None/L=None/O=Mullvad/CN=Mullvad CA/emailAddress=dugadugadid@mullvad.net
serial:E4...etc
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
d2:g6:54:6f:...etc
-----BEGIN CERTIFICATE-----
*****
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
****
-----END CERTIFICATE-----
"
Pem File example:
-----BEGIN X509 CRL-----
etc
-----END X509 CRL-----
Your tutorial suggests using openssl to convert ca's, certs and keys into an pkcs12 opvn12 file;
https://docs.openvpn.net/connecting/con ... S_Keychain
Quoting form the tutorial:
"openssl pkcs12 -export -in cert -inkey key -certfile ca -name MyClient -out client.ovpn12"
The problem is I don't have a "ca," or a "key", only a .crt, and .pem file. (unless of course .pem is another extension for .key, and the ca is embedded inside the .crt) -- I have tried renaming pem to key openssl gave me an error.
So my question is how do I create an IOS compatible PKCS#12 from these .crt and .pem files?
Creating/Importing Mullvad PKCS#12 into iOS Keychain
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Feb 28, 2018 12:34 am