Issue-171: Error using iOS OpenVPN

As @fyellin There is some chatter on other groups that some OpenVPN implementations cannot handle client keys that are encrypted with RSA. If the client key is encrypted, we might re-encrypting the current client key using 3DES. This commit will convert user client key to 3DES in command `pivpn -a` P/S: All credits to @fyellin. Many thanks to him.
2024-12-18 19:00:15 +00:00 · 2017-11-19 21:36:21 +07:00 · 2017-11-19 21:36:21 +07:00 · 455b754c41
commit 455b754c41
parent 7ed7e4652e
1 changed files with 11 additions and 0 deletions
--- a/scripts/makeOVPN.sh
+++ b/scripts/makeOVPN.sh
@ -121,6 +121,17 @@ function keyPASS() {
    expect eof
 EOF

+    #Convert key to des3
+    KEY_FILE="pki/private/${NAME}${KEY}"
+    expect << EOF
+    set timeout -1
+    spawn openssl rsa -in ${KEY_FILE} -des3 -out ${KEY_FILE}
+    expect "Enter pass phrase" { send "${PASSWD}\r" }
+    expect "Enter PEM pass phrase" { send "${PASSWD}\r" }
+    expect "Verifying - Enter PEM pass phrase" { send "${PASSWD}\r" }
+    expect eof
+EOF
+
    cd pki || exit

 }