OpenVPN Export for iOS should use .ovpn12 for certs and private key
whorfin last edited by whorfin
The way things are currently set up, the private key and cert are saved in the iOS
Networking/preferences.plist, and they will show up in plaintext if you ever send a sysdiagnose to Apple.
You may verify this for yourself by triggering a sysdiagnose on an iOS device which has imported a pfSense profile exported with the exporter "for iOS" into OpenVPN Connect. Grab the sysdiagnose file from the iOS device and unpack. Examine the
You will find the complete, plaintext content of the .ovpn file.
If it was in your .ovpn file, it's there.
By following the recommendations in the OpenVPN link above, only the
cais in the .ovpn file, while the cert and key stay secret in the keystore.