Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Create OpenVPN client config with embedded certificates
#!/bin/sh
# FILE: /etc/openvpn/client_configs/mk_client.sh
CLIENT=$1
if [ "$CLIENT" = "" ]; then
echo "missing client name" 1>&2
exit
fi
CL_CRT=/etc/openvpn/easy-rsa/keys/${CLIENT}.crt
CL_KEY=/etc/openvpn/easy-rsa/keys/${CLIENT}.key
if [ ! -f $CL_CRT ]; then
echo "no such file: $CL_CRT" 1>&2
exit
fi
if [ ! -f $CL_KEY ]; then
echo "no such file: $CL_KEY" 1>&2
exit
fi
CONF=${CLIENT}.conf
cat base_conf > $CONF
echo "<ca>" >> $CONF
cat /etc/openvpn/easy-rsa/keys/ca.crt | \
grep -A 100 "BEGIN CERTIFICATE" | \
grep -B 100 "END CERTIFICATE" >> $CONF
echo "</ca>" >> $CONF
echo "<cert>" >> $CONF
cat $CL_CRT | \
grep -A 100 "BEGIN CERTIFICATE" | \
grep -B 100 "END CERTIFICATE" >> $CONF
echo "</cert>" >> $CONF
echo "<key>" >> $CONF
cat $CL_KEY | \
grep -A 100 "BEGIN PRIVATE KEY" | \
grep -B 100 "END PRIVATE KEY" >> $CONF
echo "</key>" >> $CONF
@Arindrew

This comment has been minimized.

Copy link

commented Nov 9, 2017

cat: base_conf: No such file or directory

@maykel535

This comment has been minimized.

Copy link

commented Dec 17, 2018

base_conf="/etc/openvpn/server.conf"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.