how to get .pem files for ubuntu vpn setup

matteovinci83 · Oct 8, 2022, 7:53 AM

i seem unable to get or find the .pem files for ubuntu vpn setup from the pfsense unit for clients to setup their vpn connections

i get the ovpn file, key, and personal file

but that doesnt work as openvpn in ubuntu just says its invalid or has no data

not sure what im doing wrong or what im not looking at properly

some assistance would be appreciated

viragomann · Oct 8, 2022, 8:06 AM

@matteovinci83
You can download the bundle from the client export utility, so you get the certs and the config in separated files.

If you need the certs combined in a single file just open them in a text editor and copy an paste one into the other.

bingo600 · Oct 8, 2022, 3:38 PM

@viragomann @matteovinci83

I'm using (via pfSense Client export) on Linux Mint (Ubuntu) :
The Inline Configuration "Most Clients"

That delivers a single openVPN config file.
With everything embedded in one file, Config , TLS Key and Certs.

Very elegant ...

Now just do this in shell/cli : openvpn <pfSense-client-file>

I haven't tried to integrate it into the GUI networkmanager , i actually prefer shell.

Edit: The Bundled Archive , gives you a :
Config file + Cert-P12 file + TLS-key file

/Bingo

viragomann · Oct 8, 2022, 6:20 PM

@bingo600 said in how to get .pem files for ubuntu vpn setup:

Edit: The Bundled Archive , gives you a :
Config file + Cert-P12 file + TLS-key file

You're right. It's the Viscosity bundle, which gives you the cert, CA, key in separate files each.

Network manager likes the p12 file with passphrase.

matteovinci83 · Oct 8, 2022, 11:31 PM

thanks for the help all, inline configuration did the trick, pity it isnt obvious to begin with

bingo600 · Oct 9, 2022, 5:08 AM

@viragomann said in how to get .pem files for ubuntu vpn setup:

Network manager likes the p12 file with passphrase.

I'm actually having an issue with a "Thin Client" , that complains about the .p12 file not having a passphrase. I have exported the "Bundle Archive".
I have scheduled time to look at it monday.

I'm using the "Create User" & "tick" the : "Create user cert"

Do you have a "quick tip" on how to set a passphrase ?

Ahhh ...
Is it this one on the "Client Export Page"

/Bingo

viragomann · Oct 9, 2022, 7:49 AM

@bingo600
Yeah, exactly.
You get an encrypted p12 file, when you download the Viscosity bundle and state the path to it at CA, user cert and private key in NM.