Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client Export - Not Encrypting Private Key (With Password)

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 535 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kx93
      last edited by

      Checking the checkbox for "Use a password to protect the PKCS#12 file contents or key in Viscosity bundle" and entering password then clicking "Inline Configuration > Most Clients" button and it exports unencrypted private key. What am I missing?

      pfSense 2.7.2
      openvpn-client-export: 1.9.2

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @kx93
        last edited by

        @kx93
        As the hint there mentions, the private key is encrypted in the Viscosity bundle, but not in the inline config file.

        1 Reply Last reply Reply Quote 0
        • K
          kx93
          last edited by

          A solution is to export the private key of the client from System > Certificates > Certificates > Select the user cert > Set a "export password" and click "Export Private Key" then copy/paste and overwrite the private key in the file exported from the OpenVPN Client Export plugin. If don't want to export unencrypted private key, the password-protected Viscosity bundle export and can be used to build the base of the config file and the private key can be replaced from the export from earlier.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.