Using external certificate

[deedeeae]

Not too sure if i got the title right, but here is my problem; i added a profile to openvpn via itunes (dragged the profile and certificate files together), openvpn found the profile, but when i want to connect; i see my added profile with 'External certificate profile' under it.
BUT! under that seen profile there's a field; 'Select a certifiacte...(reguired)', in there i get '! No certificates are present in...'
But i added my certificate via itunes.
Please how can i select my certificate or import it to this required field??

Thank you.

[timpotter]

Hello,
I had the same error, and dug around on this forum some more and found this thread.

topic12011.html

Looks like the cert needs to be added into the config file directly versus being a separate file. (odd that it supports key's being external but not the cert...).

[timpotter]

Upon further attempts, I'm finding that its not very easy to get my config working... because I cannot load my certificate into the keychain. The certificate is password-less and the iPhone doesn't seem to like that.

topic11986.html

https://discussions.apple.com/thread/36 ... 0&tstart=0

Boo!

[timpotter]

Ok, so I converted the password-less p12 file into a pem file, and back into a p12 with a password to be able to import into iphone (by emailing the cert, why apple why!).

Finally I've got it able to attempt to connect, only to find out that external-tls isn't supported until 1.0.1, d'oh!

[cabhay]

Hi Tim,

I didn't try using tls cert externally. But in OpenVPN Connect app's FAQ, it has been mentioned to use "unified form" of .ovpn file. I have used (successfully) ca cert, cert, key and tls-auth embedded into .ovpn file.

Personally, I find using unified .ovpn more appropriate as,
1. I don't need to add cert into keychain of iOS manually
2. other apps may not get access of my cert from keychain

- Abhay