Windows和Linux的客户端配置文件、ca证书、客户端证书、客户端秘钥、TLS-auth密钥
都是保存在不同的文件里,然后配置文件里配置路径和文件名的方式来读取这些证书和秘钥。
但是iPhone里这样配置是行不通的,iPhone的OpenVPN是直接把证书和秘钥写在配置文件里。
下面就是我配置我的iPhone手机端的配置文件,可以参考以下配置。
#iPhone-OpenVPN客户端配置模板 client dev tun connect-retry-max 5 connect-retry 5 resolv-retry 60 #------------------------ remote 221.195.1.111 3389 tcp-client #------------------------------------ <http-proxy-user-pass> kangml kangml </http-proxy-user-pass> resolv-retry infinite nobind persist-key persist-tun ns-cert-type server comp-lzo verb 3 <ca> ca.crt CA证书 </ca> #---- <cert> user01.crt 客户端的证书 </cert> #---- <key> user01.key 客户端的秘钥 </key> #---- key-direction 1 <tls-auth> ta.key TLS-auth密钥 </tls-auth> #---- auth-user-pass #----
通过vi或者notepad++打开个证书和秘钥文件,把加密信息复制到配置文件里。
下面是修改后的配置文件
#iPhone-OpenVPN客户端配置模板 client dev tun connect-retry-max 5 connect-retry 5 resolv-retry 60 #------------------------ remote 221.195.1.111 3389 tcp-client #------------------------------------ <http-proxy-user-pass> kangml kangml </http-proxy-user-pass> resolv-retry infinite nobind persist-key persist-tun ns-cert-type server comp-lzo verb 3 <ca> -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIJAIheAYAR2WEvMA0GCSqGSIb3DQEBCwUAMIGiMQswCQYD VQQGEwJDTjEOMAwGA1UECBMFQmVKaW4xDjAMBgNVBAcTBUJlSmluMRUwEwYDVQQK Ewx3d3cuaGVsbGMuY24xDTALBgNVBAsTBE9WUE4xGDAWBgNVBAMTD3d3dy5oZWxs Yy5jbiBDQTEQMA4GA1UEKRMHT3BlblZQTjEhMB8GCSqGSIb3DQEJARYSbGFveWFu MTk5N0AxNjMuY29tMB4XDTE3MDgyNDEwMDIxOVoXDTI3MDgyMjEwMDIxOVowgaIx CzAJBgNVBAYTAkNOMQ4wDAYDVQQIEwVCZUppbjEOMAwGA1UEBxMFQmVKaW4xFTAT BgNVBAoTDHd3dy5oZWxsYy5jbjENMAsGA1UECxMET1ZQTjEYMBYGA1UEAxMPd3d3 LmhlbGxjLmNuIENBMRAwDgYDVQQpEwdPcGVuVlBOMSEwHwYJKoZIhvcNAQkBFhJs YW95YW4xOTk3QDE2My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJvaye0EBrgtch46R64pbKJeKcnlMFlVU3jktmvM1docpVDl6YjQEkbzQ7C1iX 66lHljqa357HYl/QGdaxzbKICBz/6rNslNVFBnr47C3DtHN7O2pR19qEk0R2GRYZ QBDHY3ackHcGkOo7J6UZNsGKq42g6U884RQm8zD8fMUW7+5pwqswKt57AzB1YdT/ 8W80yh2xb6EaUPLNT/C8s8K60YOhrhz6ClWAsepi0MgE9NmsXP5TkTldzC5SrXvd gaeQ877/iwIh1qLWgVOyrSYCb/iMD6HIeb/YoMLJOTNBwfn5LMh88Q2ZIJbpBgh5 VmrKHwSCUtdX4osjQBCP1K/dAgMBAAGjggELMIIBBzAdBgNVHQ4EFgQU5nUp11Ie RTZU4sFCMtEHbaAroXcwgdcGA1UdIwSBzzCBzIAU5nUp11IeRTZU4sFCMtEHbaAr oXehgaikgaUwgaIxCzAJBgNVBAYTAkNOMQ4wDAYDVQQIEwVCZUppbjEOMAwGA1UE BxMFQmVKaW4xFTATBgNVBAoTDHd3dy5oZWxsYy5jbjENMAsGA1UECxMET1ZQTjEY MBYGA1UEAxMPd3d3LmhlbGxjLmNuIENBMRAwDgYDVQQpEwdPcGVuVlBOMSEwHwYJ KoZIhvcNAQkBFhJsYW95YW4xOTk3QDE2My5jb22CCQCIXgGAEdlhLzAMBgNVHRME BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCp+9++nzMBpTQp5F2rAXk6bBSYkath aiy4Yhbao9W6oRrFGeIUpAETyiSXUM8PkhuZ+jaLGFs0Jh0u9uwqbNJy94aP6LSJ I24+mqYbFhzLxteVXkNbuHFeW4mXdCqzClPOcoIT1yh8j45AAqSRei+pFYAGSrhx Jt2a1ZKm0FTGFWNs5voe2DvQ5OajAhQO5Dqc5cYGuDY9a9ibrjVymEsSoukd9u4u Pqii1k8aCQkQRtv9zhXR39R3G4Ln6YFBOr43x/gjlTydQ+zon2ii+UTahxVapM8M BdO2XWcuqyAlW8r9OmMrIvxJUaVHz3uF8o56Cr6lH3Th5GQmAoTBXKp5 -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCQ04x DjAMBgNVBAgTBUJlSmluMQ4wDAYDVQQHEwVCZUppbjEVMBMGA1UEChMMd3d3Lmhl bGxjLmNuMQ0wCwYDVQQLEwRPVlBOMRgwFgYDVQQDEw93d3cuaGVsbGMuY24gQ0Ex EDAOBgNVBCkTB09wZW5WUE4xITAfBgkqhkiG9w0BCQEWEmxhb3lhbjE5OTdAMTYz LmNvbTAeFw0xNzA4MjQxMDAzMDZaFw0yNzA4MjIxMDAzMDZaMIGZMQswCQYDVQQG EwJDTjEOMAwGA1UECBMFQmVKaW4xDjAMBgNVBAcTBUJlSmluMRUwEwYDVQQKEwx3 d3cuaGVsbGMuY24xDTALBgNVBAsTBE9WUE4xDzANBgNVBAMTBnVzZXIwMTEQMA4G A1UEKRMHT3BlblZQTjEhMB8GCSqGSIb3DQEJARYSbGFveWFuMTk5N0AxNjMuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSScb5suiCynaStEcgl9 qu6MShkd9RBm/j68LktzfJnvEHrYYSmIwno7Sxg3/EwyB0+W1bsLUckz9p3MaoFz yjLI+qQTNRdksOBwavFpKZcoq/y1nis2eV71c/DJxog7u5jWKCZgXlLbTVddKfll rFFe4JWIHtozNQBSVtFd8tRXjh2edbQfkJN7xzTA2SqeOCNK7OphPd6aQ4mZxUfO VSH0hHOoo63RfTl8gvTx/EdtsF5FbV2TqxSx4OTyC0rHwCqfl41kOEEyuQtqgnuN iE4Lyise+QXcdoxH7CgdKzrVkDR9Vk+gM+zOASELEYK5vwa8rNIw9tu/DkowSEZN 9QIDAQABo4IBWTCCAVUwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1S U0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSk1a9BPSbdQRD4u01l wOW/XwtctDCB1wYDVR0jBIHPMIHMgBTmdSnXUh5FNlTiwUIy0QdtoCuhd6GBqKSB pTCBojELMAkGA1UEBhMCQ04xDjAMBgNVBAgTBUJlSmluMQ4wDAYDVQQHEwVCZUpp bjEVMBMGA1UEChMMd3d3LmhlbGxjLmNuMQ0wCwYDVQQLEwRPVlBOMRgwFgYDVQQD Ew93d3cuaGVsbGMuY24gQ0ExEDAOBgNVBCkTB09wZW5WUE4xITAfBgkqhkiG9w0B CQEWEmxhb3lhbjE5OTdAMTYzLmNvbYIJAIheAYAR2WEvMBMGA1UdJQQMMAoGCCsG AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAUSSwIPZFUUrP HJKSt4LyY1MVF63JVZnr95W1sM8t4k5FUWSbH9l2QlQTJcL/+h+NbmZJMuoyH+c9 Dz/mwur6K9FGplZ521OG11ztiRfbyc/JMpBo8AaMU8m4N2hcxDp36mJY5udjSQ4z +fqQMB0YPPHDu4yKUotAtaxeycwVBhuWX2Oi50WIoMqRVRe18uhZQSqX6L49UP0+ ayN5YVakhgWJkta+p4JwHV8Uiz/NgYqaW8Ymq2tmZDrKc1MnEXNFPI4OmV1lS79I rsSM42Bk0jVriAKZ2Pq7SDV5L94yKvrtDmqPt+QxmYsLpBGGD7EUK3LqwBp3vhFA JkLuM+J1GA== -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQChJJxvmy6ILKdp K0RyCX2q7oxKGR31EGb+PrwuS3N8me8QethhKYjCejtLGDf8TDIHT5bVuwtRyTP2 ncxqgXPKMsj6pBM1F2Sw4HBq8Wkplyir/LWeKzZ5XvVz8MnGiDu7mNYoJmBeUttN V10p+WWsUV7glYge2jM1AFJW0V3y1FeOHZ51tB+Qk3vHNMDZKp44I0rs6mE93ppD iZnFR85VIfSEc6ijrdF9OXyC9PH8R22wXkVtXZOrFLHg5PILSsfAKp+XjWQ4QTK5 C2qCe42ITgvKKx75Bdx2jEfsKB0rOtWQNH1WT6Az7M4BIQsRgrm/Brys0jD2278O SjBIRk31AgMBAAECggEAb4x/ekbLPFrk/MmF1Qc65fPCS5z9fuJ+2WsmK0nxxQRu WFMhrIjq8e1ZVE+MmetJCoSO3p9fY5tLjGGJ2wSH2iWzuMWRwkPSYRrM10sMSE0q S3xhYP968yPH+B1sIDG4X9GaFisStNjYlL5wcJkDR/kAG6mHlAvqPLtfRFgkl+5L Bhkb7K1LhBoga4OG4jAXSTCZfYDNiJqYk2UAarJU22mUx0ltO98UuHUBH04zZiNk 0vC+BWRo0t547/05ZCbIlyujCn3fcJ5gHZu/7nDGvIHHIhsMjkEgRpO1qb/hM30n YRORemdxOlueFf7gFMxoqTAVXHIIhXaKUvqREChbgQKBgQDLxy1c+6zUkK+D6VDs Uy494ZyU4ZEN1TX7lZVbih4dKQkJjK3vF87f1x8XdScwU5Xyel/hkgRD2rJ0ABNU SUnV3ZvW0maRIKthK+YrITUyXyuGuA7xuMwGA6Zqdg3ocg5kBIWGVFP0ejPmPg3T 4QFpBI+6w2Qsg7LbXo5QW5kB1QKBgQDKcF7Zp52w9VQ9znZw4KlG2mxa5m/xNZcJ IGqZAQUppK7WJAodCLqVZt7koEpv9DaEjEgAYjMgEXBPezlEl75GnOgTaFl7Ikvj H5KzAcVb8BOvzgoDp9SuPrw971M14jk1XPdpGGzbhv/ZwMGNMy1V6SqsXOuMfyC+ B1cMNhgLoQKBgECtgj9t/iglmB+1MSMhL58iebFjese6MX0duB8q0m4M9TpbtWUa 2GWBgPPQElUrYn9oyf/teX8T7eoVkA0DifTgdrMTasyLYvnflhmAW8MWI9mJl+yu 68rI48wMllN9yAWEzeCZ6V/CXbCpZ3glhW4QrZHorGXYky8/bsogmIrVAoGAE3Ko KhDIPW/UH/vttPpgSMZDEpiAuJOFZwMOOpS2gkGn6jqcHh3wjtnLH/umKwszEZjI cgD9GF+Ugo47+jL5vJ7mTLcBoaqxz6gA1+GbrDFsMr+AhslgzTyJqQmM3OhWxqGf wyDtlElr2ueBsKbx/AbiapyipGSyKI9b9Xhc5wECgYEAtTPhsyIwf/sO2rIWGiD1 YIC6569U18Oy2hYOmDz7VRCOaFEkoOJEIDoEX2MTpn/7cqK5tgBTnN8NQ9miNauS JtIdUeha1cXCHwc8vcAghHC2Sxk78b6FEIetNyjsmucWWUo9RZPDcnjSVWstST51 KsEXCOcbrUmubYfIfByB2Fo= -----END PRIVATE KEY----- </key> key-direction 1 <tls-auth> # # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- 993053371598d5b178f0cafe6b21eca9 f3c842d53e938ca9b8cc888b00a454fa 8d2dbf4ea6d8c1d24baed3b5de1f6c7a bd0f01e4d2507c1622f974e905f8835c 126febe2f7c3aed838c929a21d4053be 5a6e98318bf5519f7edbd9bfd309fae7 4944de0d535dad0ddcfca310d2430615 71af3f02b62481ebbac7f164ec10cf1d 7ebfe49e8e9b5564486a716de33a1bf8 977b63db991c67c5bc8f7f9149ed5f91 b4b2899eee01e2ccad297ba22a757d31 60ae77bd9d71ad673f14f018fa1e7654 e9a1cffbce63356b15bf6fba83af3aa6 680330216f69661a0154a559fedeea39 1ce37c956b3ccf1ff0cc8f6e15fc3a39 6fcf83716b78549c9360ea60260c80a2 -----END OpenVPN Static key V1----- </tls-auth> auth-user-pass
需要注意的是user01.key 客户端的秘钥,不需要全部复制.
只需要最后面的 ----BEGIN CERTIFICATE----到----END CERTIFICATE---- 包括这两句都要一起复制。
-----BEGIN CERTIFICATE-----
************************
-----END CERTIFICATE-----
时间: 2024-11-04 17:48:51