Can't deploy ca directive through MDM
Posted: Sat Feb 06, 2021 1:36 pm
Hi,
I am trying to deploy my VPN profile through MDM (Intune). All good so far, the MDM pushes the app install, and I can see the profile in the OpenVPN app too.
I am not able to add the ca directive to the Intune custom VPN configuration profile's custom attributes, as the string is too long (seems to allow up to 1000 chars). Without the CA profile, even though the CA cert is in the device's keychain as a trusted root, the OpenVPN client complains:
Questions:
- How can I tell the OpenVPN client to rely on the keychain for TLS trust?
- Can I break the ca directive into multiple parts somehow?
- Any other ideas how I could fix this issue?
I am trying to deploy my VPN profile through MDM (Intune). All good so far, the MDM pushes the app install, and I can see the profile in the OpenVPN app too.
I am not able to add the ca directive to the Intune custom VPN configuration profile's custom attributes, as the string is too long (seems to allow up to 1000 chars). Without the CA profile, even though the CA cert is in the device's keychain as a trusted root, the OpenVPN client complains:
Code: Select all
EVENT: CORE_ERROR ssl_context_error: OpenSSLContext: CA not defined [ERR]- How can I tell the OpenVPN client to rely on the keychain for TLS trust?
- Can I break the ca directive into multiple parts somehow?
- Any other ideas how I could fix this issue?