You are not logged in.
- Topics: Active | Unanswered
#1 2013-08-07 23:37:24
- r0b0t
- Member
- From: /tmp
- Registered: 2009-05-24
- Posts: 505
Extracting openvpn certificates from ovpn file
Hi,
I was curious about how to extract openvpn certificates from the ovpn configuration file,
basically on the ovpn config we have:
<ca>
begin/ end certificate
</ca>
<cert>
begin / end certificate
</cert>
<key>
begin / end rsa private key
</key>
normally when we use the file like openvpn --config file.ovpn it works, but on some network manager versions you cannot import correctly.
How can we extract the certificates from command line?
Any explanation to also the purpose of each certificate and how it's generated and used would be much appreciated.
Offline
#2 2013-08-08 09:27:12
- 84081
- Member
- Registered: 2013-07-30
- Posts: 5
Re: Extracting openvpn certificates from ovpn file
Copy what's between <ca> and </ca>, save it as anything.ca
Copy what's between <cert> and </cert>, save it as anything.crt
Copy what's between <key> and </key>, save it as anything.key
Network managers usually offer to specify where those files are located.
If you want to extract this from the command line you have to use other tools such as sed, grep, or awk.
Offline
#3 2013-08-08 16:59:38
- MariusMatutiae
- Member
- Registered: 2012-11-08
- Posts: 31
Re: Extracting openvpn certificates from ovpn file
You can extract the certificates with cut and paste, with any graphical editor like gedit, kate, or even vi. Remember that you must introduce into the remaining file (i.e., what remains after you have removed the cryptographic keys) instructions as to where to find the keys:
ca /path/to/ca.crt
cert /path/to/name.crt
key /path/to/name.key
A simple introduction to how to generate the certificates can be found, for example, in the wiki: search for ": Create a Public Key Infrastructure Using the easy-rsa Scripts." Basically, there is a series of scripts that will take care of this for you.
As to the mathematical meaning of cryptographic keys, it is too complex to be easily accessible to anyone not doing a Ph.D. in number theory. But you can easily find amusing popular articles just about everywhere, beginning with Scientific American.
Offline