ovpn-append-cert.sh

#!/bin/bash

# Transfering OpenVPN profile (.ovpn file) with all required certificate files into mobile device 
# like iPhone or Android can be sometimes tricky. This script will embed all these ca, crt and key files 
# into specified .ovpn profile file. Then you can transfer just this .ovpn file into your device.
# Since the .ovpn file will contain the key, it should be kept confidental.
# 
# Usage: ./ovpn-append-cert.sh --ca ca.crt --crt client.crt --key client.key client.ovpn

POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
    --ca)
    CA="$2"
    shift # past argument
    shift # past value
    ;;
    --crt)
    CRT="$2"
    shift # past argument
    shift # past value
    ;;
    --key)
    KEY="$2"
    shift # past argument
    shift # past value
    ;;
    *)    # unknown option
    POSITIONAL+=("$1") # save it in an array for later
    shift # past argument
    ;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters

if [[ -z $CA ]] || [[ -z $CRT ]] || [[ -z $KEY ]] || [[ $# -ne 1 ]]; then
    echo "Usage: $0 --ca ca.crt --crt client.crt --key client.key client.ovpn"
    echo "Script will embed the ca.crt, client.crt and client.key into the client.ovpn file."
    exit 1;
fi

echo "key-direction 1" >> "$1"
echo "<ca>" >> "$1"
cat "$CA" | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> "$1"
echo "</ca>" >> "$1"
echo "<cert>" >> "$1"
cat "$CRT" | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> "$1"
echo "</cert>" >> "$1"
echo "<key>" >> "$1"
cat "$KEY" | grep -A 100 "BEGIN PRIVATE KEY" | grep -B 100 "END PRIVATE KEY" >> "$1"
echo "</key>" >> "$1"