Hello,
I need help to setup my vpn on my iOS device.
I have three files (.p12 .tls .ovpn)
On w10 I enter with an user and psw.
How can I merge all these three files into one to install it on my device?
Please help me step by step is very important. Thank you.
Thx but not helped me because I don't know where to set my .p12 is it a cert or a ca?what's the difference? I don't have both and where I insert usr and psw?
Re: Merge .p12 .tls and .ovpn into 1 file on iOS
Posted: Tue Jun 02, 2020 4:40 pm
by Emetah
OVPN
Client config
dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote XX.XXX.XXXX.XXX udp
verify-x509-name "YYYYY" name
auth-user-pass
pkcs12 pfSense-XXXXX-UDP4-1196-XXXXX.p12
tls-auth pfSense-XXXXX-UDP4-1196-XXXXX-tls.key 1
remote-cert-tls server
compress
client
dev tun
proto udp
remote vpn.server.hostname 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
verb 3
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
this part of the data is the Base64 encoded server authentication certificate's ROOT certificate
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN RSA PRIVATE KEY-----
this part of the data is the Base64 encoded client authentication certificate's KEY
-----END RSA PRIVATE KEY-----
</key>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
this part of the data is the Base64 encoded data from the .tls file
-----END OpenVPN Static key V1-----
</tls-auth>
to convert your .p12/.pfx file into usable text, you'll need to use openssl.exe:
I setted It in this way and I get Error message: mbed TLS TLS: SSL read error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed.
I extracted all key and cert with openssl ...can you help me to set it ? I think I'm near to the solution.
Re: Merge .p12 .tls and .ovpn into 1 file on iOS
Posted: Tue Jun 02, 2020 6:13 pm
by mdibella
Remove the Bag Attributes sections from the CA, cert, and key. You only what the BEGIN to END lines.
Also make sure when you export the PKCS12 to PEM format what you don't enter a key encrypt password. Only enter the decrypt password.
Re: Merge .p12 .tls and .ovpn into 1 file on iOS
Posted: Tue Jun 02, 2020 8:06 pm
by TinCanTech
@ mdibella - Thanks for writing this up.
@ Moderation, perhaps this thread could be a sticky ?