Problems with .p12-file

Official client software for OpenVPN Access Server and OpenVPN Cloud.
alve89
OpenVpn Newbie
Posts: 2
Joined: Sun Jan 26, 2014 11:45 pm

Problems with .p12-file

Post by alve89 » Sun Jan 26, 2014 11:59 pm

Hello everybody!

First of all, I need to say that I'm new to OpenVPN, so I hope you'll forgive my possibly "stupid" questions. :|

I'd like to bring my VPN-config onto my iPhone (iOS 7) (of course I managed that), but:
I have the following certificates but I don't know which one(s) I have to use to get the tunnel started:

rootca.crt
vpns.crt
HerzogStefan.crt
HerzogStefan.p12

Further I have the HerzogStefan.ovpn file.

I read the FAQ and saw that I need to save the certificate in my keychain and I did but when I try to connect, I get the error message "Server certificate verification failed : PolarSSL: SSL read error : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed"
I googled this error indeed, but all answers were just like hieroglyphs for me...

I'm using a Vodafone EasyBox to create the VPN.
I'd like to post the content of the certificates here, but I don't know which one I can post without opening all doors to my private network.

Could you please help me here?

Many thanks in advance and best regards

Stefan

alve89
OpenVpn Newbie
Posts: 2
Joined: Sun Jan 26, 2014 11:45 pm

Re: Problems with .p12-file

Post by alve89 » Mon Jan 27, 2014 12:25 am

PS: It's working fine with Tunnelblick on my MacBook with OS X 10.9.1.

jamesyonan
OpenVPN Inc.
Posts: 169
Joined: Thu Jan 24, 2013 12:13 am

Re: Problems with .p12-file

Post by jamesyonan » Thu Jan 30, 2014 5:51 pm

iOS has an issue where it ignores the CA certs in imported PKCS#12 files. Only the leaf cert/key are actually imported, and the rest is discarded. So to make this work, you need to extract the CA cert(s) and put them in the config file.

This is explained in the FAQ (in iOS app click on Help then More Help).

James
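
The fix described in the reply above, as an added sketch that is not part of the original thread or OpenVPN's own tooling: pull the CA certificate(s) out of the .p12 with `openssl pkcs12` and inline them in a `<ca>` block of the profile. The function names and file names are placeholders, and it assumes the .p12 actually carries the CA chain (it fails loudly if it does not).

```shell
#!/bin/sh
# Added example. Function and file names are placeholders, not from the thread.

# Keep only the PEM certificate blocks. "openssl pkcs12" surrounds each
# certificate with "Bag Attributes", "subject=" and "issuer=" lines, which
# do not belong inside an inline <ca> block. CRs are stripped so files
# edited on Windows still match.
pem_certs_only() {
    tr -d '\r' |
        sed -n '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p'
}

# Print the CA certificate(s) stored in a PKCS#12 file as PEM.
#   -cacerts  output CA certificates only (not the client/leaf certificate)
#   -nokeys   never write the private key
# openssl prompts for the import password of the .p12.
# usage: p12_ca_certs client.p12 > ca.pem
p12_ca_certs() {
    openssl pkcs12 -in "$1" -cacerts -nokeys | pem_certs_only
}

# Print the profile followed by the CA certificate(s) in a <ca> block.
# Fails if the CA file holds no certificate, which is what you get when
# the .p12 was exported without its chain; use the CA .crt file then.
# usage: inline_ca profile.ovpn ca.pem > profile-ios.ovpn
inline_ca() {
    profile=$1
    ca_pem=$2
    if ! grep -q -e '-----BEGIN CERTIFICATE-----' "$ca_pem"; then
        echo "inline_ca: no CA certificate found in $ca_pem" >&2
        return 1
    fi
    cat "$profile"
    printf '<ca>\n'
    pem_certs_only < "$ca_pem"
    printf '</ca>\n'
}
```

Only the CA certificate goes into the profile; the private key stays inside the .p12, so the resulting file contains nothing secret beyond what the profile already held.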

mark8adams
OpenVpn Newbie
Posts: 1
Joined: Sun Feb 16, 2014 2:37 am

Re: Problems with .p12-file

Post by mark8adams » Sun Feb 16, 2014 4:07 am

I, too, am having trouble importing the .p12 file. My PC config directory contains only 3 files: a config.ovpn, a config.p12 and a ta.key. It works fine in Windows. iOS doesn't recognize the .p12 file, and when I try to add it to the ovpn file according to the help instructions, the import fails with a 'line to long' error. The help instructions are vague to me, but what I've tried is to build a new ovpn file that looks like:
# tls-auth "ta.key" 1
# pkcs12 "client.p12"

key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
cfaf5edfc2e501c04fdcab2f762f27ac
...
-----END OpenVPN Static key V1-----
</tls-auth>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE
</cert>

Is there any place I can get better explanations, or can someone point me in the right direction?
PS: I'm having a completely different set of issues with the Android app.
Thanks,
