Generate an OpenVPN Connect private tunnel profile in the unified format
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
graysky 5fa9fe5c02 update readme 4 years ago
MIT add license 6 years ago update readme 4 years ago
ovpngen update readme 4 years ago


A simple shell script that creates OpenVPN compatible tunnel profiles in the unified file format. Tested on:

  • Linux OpenVPN version 2.4.6
  • iOS version 3.0.0.(712) of OpenVPN Connect
  • Android version 0.6.73 of OpenVPN for Android


Invoke the script with 5 tokens and the profile is outputted to stdout.

  1. Server Fully Qualified Domain Name of the OpenVPN server (or IP address).
  2. Full path to the CA cert.
  3. Full path to the client cert.
  4. Full path to the client private key.
  5. Full path to the server TLS shared secret key.
  6. Optionally define a port number (defaults to 1194 if left blank).
  7. Optionally define a protocol (defaults to udp if left blank).

Example (run as root) using all 7 arguments to setup a profile working port 443 using TCP


./ovpngen \
   /etc/openvpn/server/ca.crt \
   /etc/easy-rsa/pki/signed/$CLIENT.crt \
   /etc/easy-rsa/pki/private/$CLIENT.key \
   /etc/openvpn/server/ta.key \
	 443 \
	 tcp > $CLIENT.ovpn

The resulting foo.ovpn may need to be edited. Pay attention to the commented lines!


Majority of the credit goes to the script's original author, trovao. His version can be found here.