Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #######################################################################
- # Latest versions of Openvpn supports inline certs and keys
- # so you have one client script, instead of script plus 4 keys and certs
- #
- # This tool assumes
- # 1) Openvpn script and certs plus keys are in same directory
- # 2) Certs are usually specified in Openvpn script like
- # ca ca.crt
- # or
- # ca /etc/local/openvpn/ca.crt
- ########################################################################
- # Name of certs and keys and client ovpn script
- #
- ca="ca.crt"
- cert="client1.crt"
- key="client1.key"
- tlsauth="ta.key"
- ovpndest="raspberrypi.ovpn"
- ########################################################################
- # Backup to new subdirectory, just incase
- #
- mkdir -p backup
- cp $ca $cert $key $tlsauth $ovpndest ./backup
- ########################################################################
- # Delete existing call to keys and certs
- #
- sed -i \
- -e '/ca .*'$ca'/d' \
- -e '/cert .*'$cert'/d' \
- -e '/key .*'$key'/d' \
- -e '/tls-auth .*'$tlsauth'/d' $ovpndest
- ########################################################################
- # Add keys and certs inline
- #
- echo "key-direction 1" >> $ovpndest
- echo "<ca>" >> $ovpndest
- awk /BEGIN/,/END/ < ./$ca >> $ovpndest
- echo "</ca>" >> $ovpndest
- echo "<cert>" >> $ovpndest
- awk /BEGIN/,/END/ < ./$cert >> $ovpndest
- echo "</cert>" >> $ovpndest
- echo "<key>" >> $ovpndest
- awk /BEGIN/,/END/ < ./$key >> $ovpndest
- echo "</key>" >> $ovpndest
- echo "<tls-auth>" >> $ovpndest
- awk /BEGIN/,/END/ < ./$tlsauth >> $ovpndest
- echo "</tls-auth>" >> $ovpndest
- ########################################################################
- # Delete key and cert files, backup already made hopefully
- #
- rm $ca $cert $key $tlsauth
Add Comment
Please, Sign In to add comment
