Openvpn – Generate an OpenVPN profile for client user to import

openvpn

Is there any documentation or resource describing how to generate and host a profile for an OpenVPN client to import? Ideally would like my users to not have to separately fetch a .zip file of the .ovpn + certs, extract it to the proper directory, tweak their .ovpn, etc.

Best Answer

Apparently since OpenVPN 2.1 a inline configuration has been supported. Allowing you to locate your certs, and keys all in a single configuration file. But the documentation about how to create this configuration file was not added until the recent release of 2.3.

See the INLINE FILE SUPPORT section of the OpenVPN man page for more info.

client
proto udp
remote openvpnserver.example.com
port 1194
dev tun
nobind

key-direction 1

<ca>
-----BEGIN CERTIFICATE-----
# insert base64 blob from ca.crt
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
# insert base64 blob from client1.crt
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN PRIVATE KEY-----
# insert base64 blob from client1.key
-----END PRIVATE KEY-----
</key>

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
# insert ta.key
-----END OpenVPN Static key V1-----
</tls-auth>

The docs for the config file are the same as the docs for the commandline options:

OpenVPN allows any option to be placed either on the command line or in a configuration file. Though all command line options are preceded by a double-leading-dash ("--"), this prefix can be removed when an option is placed in a configuration file.

Best Answer

Related Solutions

Openvpn – How to identify and list openvpn connected clients

Debian – How to setup a traffic limit per user on OpenVPN

Related Topic