Merge .p12 .tls and .ovpn into 1 file on iOS

Post Reply
Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Sun May 31, 2020 1:42 pm

Hello,
I need help to setup my vpn on my iOS device.
I have three files (.p12 .tls .ovpn)
On w10 I enter with an user and psw.
How can I merge all these three files into one to install it on my device?
Please help me step by step is very important. Thank you.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7389
Joined: Fri Jun 03, 2016 1:17 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by TinCanTech » Sun May 31, 2020 3:29 pm


Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Sun May 31, 2020 3:57 pm

Thx but not helped me because I don't know where to set my .p12 is it a cert or a ca?what's the difference? I don't have both and where I insert usr and psw?

Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Tue Jun 02, 2020 4:40 pm

OVPN
Client config

dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote XX.XXX.XXXX.XXX udp
verify-x509-name "YYYYY" name
auth-user-pass
pkcs12 pfSense-XXXXX-UDP4-1196-XXXXX.p12
tls-auth pfSense-XXXXX-UDP4-1196-XXXXX-tls.key 1
remote-cert-tls server
compress

TLS

#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
9f6c8f7409558aa9f851a166cf7abb93
b6d1e9424afcd7f818ef98aea1ecf78d
........
-----END OpenVPN Static key V1-----


p12

*a lot of numbers*
[oconf]


Someone can help me to set all these settings into one .ovpn file please?? I want to install it on my iOS device, thanks
Last edited by Pippin on Tue Jun 02, 2020 5:54 pm, edited 1 time in total.
Reason: Formatting

mdibella
OpenVPN Power User
Posts: 51
Joined: Thu Dec 13, 2018 11:15 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by mdibella » Tue Jun 02, 2020 5:00 pm

The format of the file is fully described in the URL above.

You need to create a similar file with the specific data from your implementation.

The top part of the file is the contents of your .ovpn...

Code: Select all

client
dev tun
proto udp
remote vpn.server.hostname 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
verb 3
key-direction 1

Code: Select all

<ca>
-----BEGIN CERTIFICATE-----
this part of the data is the Base64 encoded server authentication certificate's ROOT certificate
-----END CERTIFICATE-----
</ca>

Code: Select all

<cert>
-----BEGIN CERTIFICATE-----
this part of the data is the Base64 encoded client authentication certificate
-----END CERTIFICATE-----
</cert>

Code: Select all

<key>
-----BEGIN RSA PRIVATE KEY-----
this part of the data is the Base64 encoded client authentication certificate's KEY
-----END RSA PRIVATE KEY-----
</key>

Code: Select all

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
this part of the data is the Base64 encoded data from the .tls file
-----END OpenVPN Static key V1-----
</tls-auth>
to convert your .p12/.pfx file into usable text, you'll need to use openssl.exe:

Code: Select all

openssl.exe pkcs12 -in certificate.pfx -out cert-data.txt -nodes

Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Tue Jun 02, 2020 6:02 pm

Client config

dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote 62.77.63.228 1196 udp
auth-user-pass
remote-cert-tls server
compress
key-direction 1

Bag Attributes
localKeyID: 17 2D 54 8E ...
subject=...
issuer=...
<ca>
-----BEGIN CERTIFICATE-----
MIIEXjCCA0agAwIBAgICANwwDQYJKoZIhvcNAQELBQAwXjEUMBIGA1UEAxMLaW50
...
-----END CERTIFICATE-----
</ca>
Bag Attributes: <No Attributes>
subject=...
issuer=...
<cert>
-----BEGIN CERTIFICATE-----
MIID/jCCAuagAwIBAgIBADANBgkqhkiG9w0BAQsFADBeMRQwEgYDVQQDEwtpbnRl
...
-----END CERTIFICATE-----
</cert>
Bag Attributes
localKeyID: 17 2D 54 8E ...
Key Attributes: <No Attributes>
<key>
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA1m58LyVrGGdPrHOAvojigTucmcNvDW1+R7PEk5Gw1yutJQiU
...
-----END RSA PRIVATE KEY-----
</key>

#
# 2048 bit OpenVPN static key
#
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
9f6c8f7409558aa9f851a166cf7abb93
...
-----END OpenVPN Static key V1-----
</tls-auth>
[oconf]

I setted It in this way and I get Error message: mbed TLS TLS: SSL read error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed.

I extracted all key and cert with openssl ...can you help me to set it ? I think I'm near to the solution.
Last edited by Pippin on Tue Jun 02, 2020 6:09 pm, edited 1 time in total.
Reason: Formatting

mdibella
OpenVPN Power User
Posts: 51
Joined: Thu Dec 13, 2018 11:15 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by mdibella » Tue Jun 02, 2020 6:13 pm

Remove the Bag Attributes sections from the CA, cert, and key. You only what the BEGIN to END lines.

Also make sure when you export the PKCS12 to PEM format what you don't enter a key encrypt password. Only enter the decrypt password.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7389
Joined: Fri Jun 03, 2016 1:17 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by TinCanTech » Tue Jun 02, 2020 8:06 pm

@ mdibella - Thanks for writing this up.

@ Moderation, perhaps this thread could be a sticky ?

Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Wed Jun 03, 2020 6:51 am

mdibella wrote:
Tue Jun 02, 2020 6:13 pm
Remove the Bag Attributes sections from the CA, cert, and key. You only what the BEGIN to END lines.

Also make sure when you export the PKCS12 to PEM format what you don't enter a key encrypt password. Only enter the decrypt password.
I removed "Bag attributes" but still receive the same error, I think the error could be at the start of the code (ovpn part), because if you see my initial post I removed some rows ... could these rows be necessary?

mdibella
OpenVPN Power User
Posts: 51
Joined: Thu Dec 13, 2018 11:15 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by mdibella » Wed Jun 03, 2020 3:36 pm

Well, looking at the file you posted line-by-line, I'd move line 8 to the top-of-file, and delete lines 15-18.

Make sure that you have inserted the ROOT certificate of the SERVER chain, not the CLIENT chain under the <ca> section. This section defines the trust anchor used by the client to validate the server's certificate. The root of the chain that produces the CLIENT certificate is relevant to the OVPN server process, but irrelevant to the OVPN client.

Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Thu Jul 09, 2020 12:21 pm

I didn't solve yet my problem ...can I send in pvt to one of you my 3 files? I really can't understand where is the problem, I need help please

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7389
Joined: Fri Jun 03, 2016 1:17 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by TinCanTech » Fri Jul 10, 2020 10:44 am

You can post your file here .. just obscure the private data.

300000
OpenVPN Power User
Posts: 189
Joined: Tue May 01, 2012 9:30 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by 300000 » Fri Jul 10, 2020 4:37 pm

in p12 file it contain three file two public key file and one private key . and when you do that you will get three file out from 1 p12 . the tls is statics key file so it seen easy to add into ovpn file . the total is 5 difference file adding to one file

if you dont know and there is no more help to solve your problem you can send your file PM to me so i can make it for you . just remove your address of connection and port .

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7389
Joined: Fri Jun 03, 2016 1:17 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by TinCanTech » Fri Jul 10, 2020 4:39 pm

300000 wrote:
Fri Jul 10, 2020 4:37 pm
you can send your file PM to me
PMs are disabled due to abuse but you can leave your contact details in the thread.

Emetah
OpenVpn Newbie
Posts: 7
Joined: Sun May 31, 2020 1:35 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by Emetah » Fri Jul 10, 2020 11:21 pm

TinCanTech wrote:
Fri Jul 10, 2020 4:39 pm
300000 wrote:
Fri Jul 10, 2020 4:37 pm
you can send your file PM to me
PMs are disabled due to abuse but you can leave your contact details in the thread.
Please can you enable PM on our account? I really need to solve this problem and I don't know how...please

300000
OpenVPN Power User
Posts: 189
Joined: Tue May 01, 2012 9:30 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by 300000 » Sat Jul 11, 2020 12:39 am

you can send all file to my email just remove address and port and i make one file for you
If the p12 have password you need to give to me so i can extract for you . Without password i cant do it.
thang_nguyen6@yahoo.com

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 7389
Joined: Fri Jun 03, 2016 1:17 pm

Re: Merge .p12 .tls and .ovpn into 1 file on iOS

Post by TinCanTech » Sat Jul 11, 2020 1:40 am

Subtle as a brick and half as sharp ..

Post Reply