OpenVPN電話client設定問題

最近換咗部Galaxy S10,想裝返個OpenVPN
download完個app之後,我係部NAS個VPN server application度download咗兩個file
一個係 .ovpn, 另一個係張cert .ca

當我去返手機上面裝呢兩個file, 裝.ovpn佢係認到我NAS個host name
之後叫我import張cert,但佢要我import張cert係 .p12 , 唔俾我揀 .ca個file

未換機之前部S8係用到 .ca
請問可以點解決?

本帖最後由 ckshum 於 2019-3-19 11:52 編輯

用網上SSL converter將張cert由PEM格式轉成PKCS#12格式:

https://www.sslshopper.com/ssl-converter.html

如果擔心保安問題,可以下載openssl自己轉檔:

https://wiki.openssl.org/index.php/Binaries

TOP

回覆 2# ckshum


    感謝,今晚返去試下

TOP

the easy way is put the cert content into the .ovpn file, open both .ovpn and cert files with editor program and modify the .ovpn like the following:

dev tun
tls-client
remote YOUR_SERVER_IP portNo. (or ddns then port no.)
float
redirect-gateway def1
dhcp-option DNS DNS_IP_ADDRESS
pull
script-security 2
comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth SHA256
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
Your Ca.crt content (put the cert content here)
-----END CERTIFICATE-----
</ca>

then import this .ovpn file to phone apps. (cert already included) android phone may ask for select cert when you use but just click continue will go. iphone is continue without asking.

TOP

the easy way is put the cert content into the .ovpn file, open both .ovpn and cert files with editor ...
echen 發表於 2019-3-19 13:09



    you may also change the auth-user-pass method to following inside .ovpn
auth-user-pass pass.txt

then you can creat a pass.txt file with just 2 lines:
User Name
Password
then import both .ovpn and pass.txt then you are no need to input user and password.

TOP