Generate an OpenVPN Connect private tunnel profile in the unified format
Go to file
graysky 5fa9fe5c02 update readme 2019-11-25 10:36:27 -05:00
MIT add license 2017-12-30 09:52:26 -05:00 update readme 2019-11-25 10:36:27 -05:00
ovpngen update readme 2019-11-25 10:36:27 -05:00


A simple shell script that creates OpenVPN compatible tunnel profiles in the unified file format. Tested on:

  • Linux OpenVPN version 2.4.6
  • iOS version 3.0.0.(712) of OpenVPN Connect
  • Android version 0.6.73 of OpenVPN for Android


Invoke the script with 5 tokens and the profile is outputted to stdout.

  1. Server Fully Qualified Domain Name of the OpenVPN server (or IP address).
  2. Full path to the CA cert.
  3. Full path to the client cert.
  4. Full path to the client private key.
  5. Full path to the server TLS shared secret key.
  6. Optionally define a port number (defaults to 1194 if left blank).
  7. Optionally define a protocol (defaults to udp if left blank).

Example (run as root) using all 7 arguments to setup a profile working port 443 using TCP


./ovpngen \
   /etc/openvpn/server/ca.crt \
   /etc/easy-rsa/pki/signed/$CLIENT.crt \
   /etc/easy-rsa/pki/private/$CLIENT.key \
   /etc/openvpn/server/ta.key \
	 443 \
	 tcp > $CLIENT.ovpn

The resulting foo.ovpn may need to be edited. Pay attention to the commented lines!


Majority of the credit goes to the script's original author, trovao. His version can be found here.