苹果OpenVPN的客户端配置文件

Windows和Linux的客户端配置文件、ca证书、客户端证书、客户端秘钥、TLS-auth密钥

都是保存在不同的文件里,然后配置文件里配置路径和文件名的方式来读取这些证书和秘钥。

但是iPhone里这样配置是行不通的,iPhone的OpenVPN是直接把证书和秘钥写在配置文件里。

下面就是我配置我的iPhone手机端的配置文件,可以参考以下配置。

#iPhone-OpenVPN客户端配置模板
client
dev tun
connect-retry-max 5
connect-retry 5
resolv-retry 60
#------------------------
remote 221.195.1.111 3389 tcp-client
#------------------------------------
<http-proxy-user-pass>
kangml
kangml
</http-proxy-user-pass>
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
comp-lzo
verb 3
<ca>
ca.crt CA证书
</ca>
#----
<cert>
user01.crt 客户端的证书
</cert>
#----
<key>
user01.key  客户端的秘钥
</key>
#----
key-direction 1
<tls-auth>
ta.key      TLS-auth密钥
</tls-auth>
#----
auth-user-pass
#----

通过vi或者notepad++打开个证书和秘钥文件,把加密信息复制到配置文件里。

下面是修改后的配置文件

#iPhone-OpenVPN客户端配置模板
client
dev tun
connect-retry-max 5
connect-retry 5
resolv-retry 60
#------------------------
remote 221.195.1.111 3389 tcp-client
#------------------------------------
<http-proxy-user-pass>
kangml
kangml
</http-proxy-user-pass>
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
comp-lzo
verb 3
<ca>
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIJAIheAYAR2WEvMA0GCSqGSIb3DQEBCwUAMIGiMQswCQYD
VQQGEwJDTjEOMAwGA1UECBMFQmVKaW4xDjAMBgNVBAcTBUJlSmluMRUwEwYDVQQK
Ewx3d3cuaGVsbGMuY24xDTALBgNVBAsTBE9WUE4xGDAWBgNVBAMTD3d3dy5oZWxs
Yy5jbiBDQTEQMA4GA1UEKRMHT3BlblZQTjEhMB8GCSqGSIb3DQEJARYSbGFveWFu
MTk5N0AxNjMuY29tMB4XDTE3MDgyNDEwMDIxOVoXDTI3MDgyMjEwMDIxOVowgaIx
CzAJBgNVBAYTAkNOMQ4wDAYDVQQIEwVCZUppbjEOMAwGA1UEBxMFQmVKaW4xFTAT
BgNVBAoTDHd3dy5oZWxsYy5jbjENMAsGA1UECxMET1ZQTjEYMBYGA1UEAxMPd3d3
LmhlbGxjLmNuIENBMRAwDgYDVQQpEwdPcGVuVlBOMSEwHwYJKoZIhvcNAQkBFhJs
YW95YW4xOTk3QDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJvaye0EBrgtch46R64pbKJeKcnlMFlVU3jktmvM1docpVDl6YjQEkbzQ7C1iX
66lHljqa357HYl/QGdaxzbKICBz/6rNslNVFBnr47C3DtHN7O2pR19qEk0R2GRYZ
QBDHY3ackHcGkOo7J6UZNsGKq42g6U884RQm8zD8fMUW7+5pwqswKt57AzB1YdT/
8W80yh2xb6EaUPLNT/C8s8K60YOhrhz6ClWAsepi0MgE9NmsXP5TkTldzC5SrXvd
gaeQ877/iwIh1qLWgVOyrSYCb/iMD6HIeb/YoMLJOTNBwfn5LMh88Q2ZIJbpBgh5
VmrKHwSCUtdX4osjQBCP1K/dAgMBAAGjggELMIIBBzAdBgNVHQ4EFgQU5nUp11Ie
RTZU4sFCMtEHbaAroXcwgdcGA1UdIwSBzzCBzIAU5nUp11IeRTZU4sFCMtEHbaAr
oXehgaikgaUwgaIxCzAJBgNVBAYTAkNOMQ4wDAYDVQQIEwVCZUppbjEOMAwGA1UE
BxMFQmVKaW4xFTATBgNVBAoTDHd3dy5oZWxsYy5jbjENMAsGA1UECxMET1ZQTjEY
MBYGA1UEAxMPd3d3LmhlbGxjLmNuIENBMRAwDgYDVQQpEwdPcGVuVlBOMSEwHwYJ
KoZIhvcNAQkBFhJsYW95YW4xOTk3QDE2My5jb22CCQCIXgGAEdlhLzAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCp+9++nzMBpTQp5F2rAXk6bBSYkath
aiy4Yhbao9W6oRrFGeIUpAETyiSXUM8PkhuZ+jaLGFs0Jh0u9uwqbNJy94aP6LSJ
I24+mqYbFhzLxteVXkNbuHFeW4mXdCqzClPOcoIT1yh8j45AAqSRei+pFYAGSrhx
Jt2a1ZKm0FTGFWNs5voe2DvQ5OajAhQO5Dqc5cYGuDY9a9ibrjVymEsSoukd9u4u
Pqii1k8aCQkQRtv9zhXR39R3G4Ln6YFBOr43x/gjlTydQ+zon2ii+UTahxVapM8M
BdO2XWcuqyAlW8r9OmMrIvxJUaVHz3uF8o56Cr6lH3Th5GQmAoTBXKp5
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCQ04x
DjAMBgNVBAgTBUJlSmluMQ4wDAYDVQQHEwVCZUppbjEVMBMGA1UEChMMd3d3Lmhl
bGxjLmNuMQ0wCwYDVQQLEwRPVlBOMRgwFgYDVQQDEw93d3cuaGVsbGMuY24gQ0Ex
EDAOBgNVBCkTB09wZW5WUE4xITAfBgkqhkiG9w0BCQEWEmxhb3lhbjE5OTdAMTYz
LmNvbTAeFw0xNzA4MjQxMDAzMDZaFw0yNzA4MjIxMDAzMDZaMIGZMQswCQYDVQQG
EwJDTjEOMAwGA1UECBMFQmVKaW4xDjAMBgNVBAcTBUJlSmluMRUwEwYDVQQKEwx3
d3cuaGVsbGMuY24xDTALBgNVBAsTBE9WUE4xDzANBgNVBAMTBnVzZXIwMTEQMA4G
A1UEKRMHT3BlblZQTjEhMB8GCSqGSIb3DQEJARYSbGFveWFuMTk5N0AxNjMuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSScb5suiCynaStEcgl9
qu6MShkd9RBm/j68LktzfJnvEHrYYSmIwno7Sxg3/EwyB0+W1bsLUckz9p3MaoFz
yjLI+qQTNRdksOBwavFpKZcoq/y1nis2eV71c/DJxog7u5jWKCZgXlLbTVddKfll
rFFe4JWIHtozNQBSVtFd8tRXjh2edbQfkJN7xzTA2SqeOCNK7OphPd6aQ4mZxUfO
VSH0hHOoo63RfTl8gvTx/EdtsF5FbV2TqxSx4OTyC0rHwCqfl41kOEEyuQtqgnuN
iE4Lyise+QXcdoxH7CgdKzrVkDR9Vk+gM+zOASELEYK5vwa8rNIw9tu/DkowSEZN
9QIDAQABo4IBWTCCAVUwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1S
U0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSk1a9BPSbdQRD4u01l
wOW/XwtctDCB1wYDVR0jBIHPMIHMgBTmdSnXUh5FNlTiwUIy0QdtoCuhd6GBqKSB
pTCBojELMAkGA1UEBhMCQ04xDjAMBgNVBAgTBUJlSmluMQ4wDAYDVQQHEwVCZUpp
bjEVMBMGA1UEChMMd3d3LmhlbGxjLmNuMQ0wCwYDVQQLEwRPVlBOMRgwFgYDVQQD
Ew93d3cuaGVsbGMuY24gQ0ExEDAOBgNVBCkTB09wZW5WUE4xITAfBgkqhkiG9w0B
CQEWEmxhb3lhbjE5OTdAMTYzLmNvbYIJAIheAYAR2WEvMBMGA1UdJQQMMAoGCCsG
AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAUSSwIPZFUUrP
HJKSt4LyY1MVF63JVZnr95W1sM8t4k5FUWSbH9l2QlQTJcL/+h+NbmZJMuoyH+c9
Dz/mwur6K9FGplZ521OG11ztiRfbyc/JMpBo8AaMU8m4N2hcxDp36mJY5udjSQ4z
+fqQMB0YPPHDu4yKUotAtaxeycwVBhuWX2Oi50WIoMqRVRe18uhZQSqX6L49UP0+
ayN5YVakhgWJkta+p4JwHV8Uiz/NgYqaW8Ymq2tmZDrKc1MnEXNFPI4OmV1lS79I
rsSM42Bk0jVriAKZ2Pq7SDV5L94yKvrtDmqPt+QxmYsLpBGGD7EUK3LqwBp3vhFA
JkLuM+J1GA==
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQChJJxvmy6ILKdp
K0RyCX2q7oxKGR31EGb+PrwuS3N8me8QethhKYjCejtLGDf8TDIHT5bVuwtRyTP2
ncxqgXPKMsj6pBM1F2Sw4HBq8Wkplyir/LWeKzZ5XvVz8MnGiDu7mNYoJmBeUttN
V10p+WWsUV7glYge2jM1AFJW0V3y1FeOHZ51tB+Qk3vHNMDZKp44I0rs6mE93ppD
iZnFR85VIfSEc6ijrdF9OXyC9PH8R22wXkVtXZOrFLHg5PILSsfAKp+XjWQ4QTK5
C2qCe42ITgvKKx75Bdx2jEfsKB0rOtWQNH1WT6Az7M4BIQsRgrm/Brys0jD2278O
SjBIRk31AgMBAAECggEAb4x/ekbLPFrk/MmF1Qc65fPCS5z9fuJ+2WsmK0nxxQRu
WFMhrIjq8e1ZVE+MmetJCoSO3p9fY5tLjGGJ2wSH2iWzuMWRwkPSYRrM10sMSE0q
S3xhYP968yPH+B1sIDG4X9GaFisStNjYlL5wcJkDR/kAG6mHlAvqPLtfRFgkl+5L
Bhkb7K1LhBoga4OG4jAXSTCZfYDNiJqYk2UAarJU22mUx0ltO98UuHUBH04zZiNk
0vC+BWRo0t547/05ZCbIlyujCn3fcJ5gHZu/7nDGvIHHIhsMjkEgRpO1qb/hM30n
YRORemdxOlueFf7gFMxoqTAVXHIIhXaKUvqREChbgQKBgQDLxy1c+6zUkK+D6VDs
Uy494ZyU4ZEN1TX7lZVbih4dKQkJjK3vF87f1x8XdScwU5Xyel/hkgRD2rJ0ABNU
SUnV3ZvW0maRIKthK+YrITUyXyuGuA7xuMwGA6Zqdg3ocg5kBIWGVFP0ejPmPg3T
4QFpBI+6w2Qsg7LbXo5QW5kB1QKBgQDKcF7Zp52w9VQ9znZw4KlG2mxa5m/xNZcJ
IGqZAQUppK7WJAodCLqVZt7koEpv9DaEjEgAYjMgEXBPezlEl75GnOgTaFl7Ikvj
H5KzAcVb8BOvzgoDp9SuPrw971M14jk1XPdpGGzbhv/ZwMGNMy1V6SqsXOuMfyC+
B1cMNhgLoQKBgECtgj9t/iglmB+1MSMhL58iebFjese6MX0duB8q0m4M9TpbtWUa
2GWBgPPQElUrYn9oyf/teX8T7eoVkA0DifTgdrMTasyLYvnflhmAW8MWI9mJl+yu
68rI48wMllN9yAWEzeCZ6V/CXbCpZ3glhW4QrZHorGXYky8/bsogmIrVAoGAE3Ko
KhDIPW/UH/vttPpgSMZDEpiAuJOFZwMOOpS2gkGn6jqcHh3wjtnLH/umKwszEZjI
cgD9GF+Ugo47+jL5vJ7mTLcBoaqxz6gA1+GbrDFsMr+AhslgzTyJqQmM3OhWxqGf
wyDtlElr2ueBsKbx/AbiapyipGSyKI9b9Xhc5wECgYEAtTPhsyIwf/sO2rIWGiD1
YIC6569U18Oy2hYOmDz7VRCOaFEkoOJEIDoEX2MTpn/7cqK5tgBTnN8NQ9miNauS
JtIdUeha1cXCHwc8vcAghHC2Sxk78b6FEIetNyjsmucWWUo9RZPDcnjSVWstST51
KsEXCOcbrUmubYfIfByB2Fo=
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
993053371598d5b178f0cafe6b21eca9
f3c842d53e938ca9b8cc888b00a454fa
8d2dbf4ea6d8c1d24baed3b5de1f6c7a
bd0f01e4d2507c1622f974e905f8835c
126febe2f7c3aed838c929a21d4053be
5a6e98318bf5519f7edbd9bfd309fae7
4944de0d535dad0ddcfca310d2430615
71af3f02b62481ebbac7f164ec10cf1d
7ebfe49e8e9b5564486a716de33a1bf8
977b63db991c67c5bc8f7f9149ed5f91
b4b2899eee01e2ccad297ba22a757d31
60ae77bd9d71ad673f14f018fa1e7654
e9a1cffbce63356b15bf6fba83af3aa6
680330216f69661a0154a559fedeea39
1ce37c956b3ccf1ff0cc8f6e15fc3a39
6fcf83716b78549c9360ea60260c80a2
-----END OpenVPN Static key V1-----
</tls-auth>
auth-user-pass

需要注意的是user01.key 客户端的秘钥,不需要全部复制.

只需要最后面的 ----BEGIN CERTIFICATE----到----END CERTIFICATE---- 包括这两句都要一起复制。

-----BEGIN CERTIFICATE-----

************************

-----END CERTIFICATE-----

时间: 2024-11-04 17:48:51

苹果OpenVPN的客户端配置文件的相关文章

RoseMirror权限问题,引起的写客户端配置文件出错

Q:RoseMirror权限问题,引起的写客户端配置文件出错,如下图: A:安装目录下找到rcc.conf操作系统是administrator登陆的找到rcc.conf右键属性,设置一下权限并且把这个用户加到rradmin组里面属性添加一下这个用户,然后rradmin里加一个这个用户 原文地址:http://blog.51cto.com/xinghaiyuan/2070566

zabbix_agentd.conf zabbix客户端配置文件的相关参数的详解:(二)

zabbix_agentd.conf zabbix客户端配置文件的相关参数的详解: Alias key的别名,例如 Alias=ttlsa.userid:vfs.file.regexp[/etc/passwd,^ttlsa:.:([0-9]+),,,,\1], 或者ttlsa的用户ID.你可以使用key:vfs.file.regexp[/etc/passwd,^ttlsa:.: ([0-9]+),,,,\1],也可以使用ttlsa.userid. 备注: 别名不能重复,但是可以有多个alias对

DNS客户端配置文件/etc/resolv.conf

本来不应该把DNS客户端配置文件放在这里来说,但由于新手弟兄上网时,虽然能拔号,但不能以域名访问.究其原因是由于没有修改 /etc/resolv.conf 文件: /etc/resolv.conf 里面存放的是各大通信公司DNS服务器列表:下面的三个地址可以用一用:当然您可以打电话问你的服务商: nameserver 202.96.134.133 nameserver 202.96.128.143 nameserver 202.96.68.38 原文地址:https://www.cnblogs.

软件包管理-yum客户端配置文件

1,yum源路径:repodata所在的路径 2,服务器端不再需要配置文件: 3,客户端配置文件: a,/etc/yum.repos.d中已存在有repo文件,将这些repo文件移到指定位置 mkdir bak b,/etc/yum.repos.d中建立repo文件,并配置内容(本地) 图中根据repodata的位置路径,知道yum源路径为/misc/cd c,继续配置第二个仓库,epel仓库(网络) 多个yum源路径时,可以像图片一样放在同一个repo文件中,也可以放在多个repo文件中 d,

openvpn下的配置文件与iptables优化

最近公司里的vpn服务器宕机了,恢复后发现vpn拨不通了,开始还以为是ISP封堵了端口,结果后面检查了下并没有后面就检查下服务器上的路由表和iptables也没有问题啊怎么回事,后来利用wif连接电脑检查了下客户端的路由表就发现问题了,因此就对openvpn的配置文件以及iptables做了一次优化,这里就不多说openvpn的安装部署了,想必在网上都可以找到很多的教程,虽然麻烦点但是总体来说还是不太难的以前安装的时候有参考过http://fengwan.blog.51cto.com/50865

zabbix客户端配置文件详解

############ GENERAL PARAMETERS ################# ### Option: PidFile #   Name of PID file. # # Mandatory: no # Default: #pidFile=PID路径 #说明:指定程程序PIDFILE路径,可修改到其它路径,但SNC不建议修改 PidFile=/smp/sncmon/zabbix_agentd.pid ### Option: LogFile #   Name of log fi

客户端配置文件tnsname.ora

ARP2 = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 182.168.1.173)(PORT = 1521)) (ADDRESS = (PROTOCOL = TCP)(HOST = 182.168.1.174)(PORT = 1521)) (LOAD_BALANCE = yes) ) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = arp2.zdy

openvpn为客户端生成的证书内容。以备查阅

xxx.crt Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme/name=changeme/[email protected] Validity Not Before: Nov 26 05

搭建OpenVPN云免服务器 For iPhone 详细教程(安卓通用)

推荐环境:全新VPS CentOS6.5 64位建议宽带:5M以上教程环境:腾讯云 CentOS 6.6 64位 操作工具:Xshell5.FlashFXP.Notepad++ <准备工作> 1. 添加EPEL源: rpm -ivh http://www.sbwml.cn/yum/epel-release-6-8.noarch.rpm 要想安装EPEL,我们先要下载EPEL的rpm安装包. CentOS/RHEL下的6.x和5.x版本下载页面如下: http://download.fedora