Opened 10 years ago
Closed 16 months ago
#466 closed Bug / Defect (wontfix)
OpenVPN Connect client does not use SCEP provisioned user identity certificate from keychain
Reported by: | hansooloo | Owned by: | OpenVPN Inc. |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | OpenVPN Connect | Version: | 1.0.2 |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
Working on an automatic provisioning process to ensure user's accounts are configured properly.
Requirements:
- User should not be prompted for any username, password.
- User should not be prompted to select a certificate.
- User should be able to simply select the service profile in OpenVPN client and click ON to connect to the service.
Flow:
- User goes to a page where there is a link to start iOS specific SCEP process (based on Apple guidelines).
- Device receives request to enroll, generate key pair and send CSR to server.
- Server signs cert, send back to client. This will be used for 1. OpenVPN connections. Let’s say, CN=“user1”.
- Page sends a provisioning profile that includes OpenVPN config (https://gist.github.com/HanSooloo/e53cfa6541c9668a3f73).
Observed Behavior:
When user opens the OpenVPN Connect app, the client certificate is NOT automatically selected.
Expected Behavior:
I’d like the client to respect the PayloadCertificateUUID key in the provisioning profile linked above to auto-select the certificate.
Additional Information:
I can make the iOS native IPsec client to auto-select the certificate using the above mentioned PayloadCertificateUUID method. I just cannot seem to accomplish this on OpenVPN.
Change History (4)
comment:1 Changed 9 years ago by
Owner: | set to jamesyonan |
---|---|
Status: | new → assigned |
comment:2 Changed 6 years ago by
Owner: | changed from jamesyonan to Antonio Quartulli |
---|
comment:3 Changed 3 years ago by
Owner: | changed from Antonio Quartulli to OpenVPN Inc. |
---|
comment:4 Changed 16 months ago by
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).
Please resubmit - if still relevant - via https://support.openvpn.net/