easy-rsa icon indicating copy to clipboard operation
easy-rsa copied to clipboard

Published 20 hours ago verified publisher icon OpenVPN

Embed/Inline configs and certificates together

Open bogdanr opened this issue 8 years ago • 3 comments

It would be nice if the tool could embed the config and the certificates as a single file so that it would be easier to distribute the config to clients.

Right now clients are using different platforms so distributing as separate files is not a good option.

I am using a script like this and works fine for me but it would be nicer to have a better integrated solution:

#!/bin/bash
set -e

cd /etc/openvpn/easy-rsa/
cp config.template /tmp/$1.ovpn
echo "<ca>" >> /tmp/$1.ovpn
cat keys/ca.crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> /tmp/$1.ovpn
echo "</ca>" >> /tmp/$1.ovpn
echo "<cert>" >> /tmp/$1.ovpn
cat keys/$1.crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> /tmp/$1.ovpn
echo "</cert>" >> /tmp/$1.ovpn
echo "<key>" >> /tmp/$1.ovpn
cat keys/$1.key | grep -A 100 "BEGIN PRIVATE KEY" | grep -B 100 "END PRIVATE KEY" >> /tmp/$1.ovpn
echo "</key>" >> /tmp/$1.ovpn

bogdanr avatar Feb 21 '17 16:02 bogdanr

There’s another project, ssl-admin, that can do this.

On Feb 21, 2017, at 10:56:01, Bogdan Rădulescu [email protected] wrote:

It would be nice if the tool could embed the config and the certificates as a single file so that it would be easier to distribute the config to clients.

Right now clients are using different platforms so distributing as separate files is not a good option.

I am using a script like this and works fine for me but it would be nicer to have a better integrated solution:

#!/bin/bash set -e

cd /etc/openvpn/easy-rsa/ cp config.template /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn cat keys/ca.crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn cat keys/$1.crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn cat keys/$1.key | grep -A 100 "BEGIN PRIVATE KEY" | grep -B 100 "END PRIVATE KEY" >> /tmp/$1.ovpn echo "" >> /tmp/$1.ovpn — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/OpenVPN/easy-rsa/issues/122, or mute the thread https://github.com/notifications/unsubscribe-auth/ABt4Pyb-5ZaRHvP0Fxkkyz2lf0VsLFCzks5rexchgaJpZM4MHlG3.

ecrist avatar Feb 22 '17 02:02 ecrist

Also, EasyRSA has an inline function now.

Also, Easy-TLS has enhanced inlining to cover all TLS keys. Check it out !

TinCanTech avatar Dec 16 '20 00:12 TinCanTech

It would be nice if the tool could embed the config and the certificates as a single file

@bogdanr Above, you use EasyRSA version 2.

You could have submitted your code as a PR.

TinCanTech avatar Mar 27 '22 18:03 TinCanTech

No feedback in over half a decade.

TinCanTech avatar Oct 21 '22 18:10 TinCanTech