scramblevpn

Bash script to add openvpn keys and certs inline

Sep 17th, 2013
1,087
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. #######################################################################
  3. #       Latest versions of Openvpn supports inline certs and keys
  4. #       so you have one client script, instead of script plus 4 keys and certs
  5. #
  6. #       This tool assumes
  7. #       1) Openvpn script and certs plus keys are in same directory
  8. #       2) Certs are usually specified in Openvpn script like
  9. #          ca capi.crt
  10. #             or
  11. #          ca /etc/local/openvpn/capi.crt
  12. #
  13. #       How to use this script:
  14. #       Save as combine.sh in directory where cert,keys and Openvpn script is.
  15. #       e.g. sudo wget http://pastebin.com/raw.php?i=5u0b8EWF -O $HOME/openvpn-client-files/combine.sh
  16. #       make executable
  17. #       e.g. sudo chmod +x $HOME/openvpn-client-files/combine.sh
  18. #       Run
  19. #       e.g. sudo $HOME/openvpn-client-files/combine.sh
  20. ########################################################################
  21. #   Name of certs and keys and client ovpn script
  22. #
  23.  
  24. ca="capi.crt"
  25. cert="clientpi.crt"
  26. key="clientpi.key"
  27. tlsauth="tapi.key"
  28. ovpndest="raspberry.ovpn"
  29.  
  30. ########################################################################
  31. #   Backup to new subdirectory, just incase
  32. #
  33. mkdir -p backup
  34. cp $ca $cert $key $tlsauth $ovpndest ./backup
  35.  
  36. ########################################################################
  37. #   Delete existing call to keys and certs
  38. #
  39.     sed -i \
  40.     -e '/ca .*'$ca'/d'  \
  41.     -e '/cert .*'$cert'/d' \
  42.     -e '/key .*'$key'/d' \
  43.     -e '/tls-auth .*'$tlsauth'/d' $ovpndest
  44.  
  45. ########################################################################
  46. #   Add keys and certs inline
  47. #
  48. echo "key-direction 1" >> $ovpndest
  49.  
  50. echo "<ca>" >> $ovpndest
  51. awk /BEGIN/,/END/ < ./$ca >> $ovpndest
  52. echo "</ca>" >> $ovpndest
  53.  
  54. echo "<cert>" >> $ovpndest
  55. awk /BEGIN/,/END/ < ./$cert >> $ovpndest
  56. echo "</cert>" >> $ovpndest
  57.  
  58. echo "<key>" >> $ovpndest
  59. awk /BEGIN/,/END/ < ./$key >> $ovpndest
  60. echo "</key>" >> $ovpndest
  61.  
  62. echo "<tls-auth>" >> $ovpndest
  63. awk /BEGIN/,/END/ < ./$tlsauth >> $ovpndest
  64. echo "</tls-auth>" >> $ovpndest
  65.  
  66. ########################################################################
  67. #   Delete key and cert files, backup already made hopefully
  68. #
  69. rm $ca $cert $key $tlsauth
RAW Paste Data