Opened 5 years ago

Closed 16 months ago

#1158 closed Bug / Defect (wontfix)

Can't select certificate on OpenVPN Connect when pushed from MDM

Reported by: manuelfr Owned by: OpenVPN Inc.
Priority: major Milestone:
Component: OpenVPN Connect Version: OpenVPN Connect for iOS v1.2.9
Severity: Not set (select this one, unless you're an OpenVPN developer) Keywords:
Cc:

Description

Premises:

  • We are using OpenVPN Connect 3.0.4 (not listed in the Version selector)
  • We are sending a .mobileconfig from our MDM solution following the steps in the article https://openvpn.net/faq/can-i-import-an-openvpn-profile-via-an-ios-mobileconfig-file/
  • Our .mobileconfig only includes the CA. No CERT, KEY or PKCS12 is embedded.
  • We are importing p12 in ovpn12 format into OpenVPN Connect on iOS 12.
  • We can import ovpn12 without problem and we can see it under Certs inside OpenVPN Connect.

Problem description:

  • Profile pushed through MDM does not recognize any ovpn12 and there is no option to select imported ones.
  • If we import profile with .ovpn file through Mail or Safari, we can choose ovpn12 cert we have imported and modify it at any time. (that is just what we are looking for).

Bug:

  • It might be possible to specify an imported ovpn12 certificate inside OpenVPN Connect when the profile is MDM pushed, in the same way we do when it is imported from .ovpn.

.mobileconfig content

<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>DisconnectOnIdle</key>
			<integer>1</integer>
			<key>DisconnectOnIdleTimer</key>
			<integer>900</integer>
			<key>IPv4</key>
			<dict>
				<key>OverridePrimary</key>
				<integer>0</integer>
			</dict>
			<key>PayloadDescription</key>
			<string>Configures VPN settings</string>
			<key>PayloadDisplayName</key>
			<string>VPN</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.vpn.managed.2BCB5720-ED6A-49EF-8F88-585947DE6770</string>
			<key>PayloadType</key>
			<string>com.apple.vpn.managed</string>
			<key>PayloadUUID</key>
			<string>2BCB5720-ED6A-49EF-8F88-585947DE6770</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Proxies</key>
			<dict>
				<key>HTTPEnable</key>
				<integer>0</integer>
				<key>HTTPSEnable</key>
				<integer>0</integer>
			</dict>
			<key>UserDefinedName</key>
			<string>OpenVPN</string>
			<key>VPN</key>
			<dict>
				<key>AuthName</key>
				<string>DEFAULT</string>
				<key>AuthenticationMethod</key>
				<string>Password</string>
				<key>OnDemandEnabled</key>
				<integer>1</integer>
				<key>RemoteAddress</key>
				<string>DEFAULT</string>
			</dict>
			<key>VPNSubType</key>
			<string>net.openvpn.connect.app</string>
			<key>VPNType</key>
			<string>VPN</string>
			<key>VendorConfig</key>
			<dict>
				<key>ca</key>
				<string>-----BEGIN CERTIFICATE-----OMMITED-----END CERTIFICATE-----</string>
				<key>client</key>
				<string>NOARGS</string>
				<key>comp-lzo</key>
				<string>NOARGS</string>
				<key>dev</key>
				<string>tun</string>
				<key>remote-cert-tls</key>
				<string>server</string>
				<key>remote</key>
				<string>OMMITED udp</string>
				<key>vpn-on-demand</key>
				<string>0</string>
				<key>cipher</key>
				<string>AES-256-CBC</string>
			</dict>
		</dict>
	</array>
	<key>PayloadDisplayName</key>
	<string>VPNConfig</string>
	<key>PayloadIdentifier</key>
	<string>PGD.3972F454-FC58-449C-B7C3-1D5774009355</string>
	<key>PayloadRemovalDisallowed</key>
	<false/>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>C204C9BA-8D22-4F27-A946-0C9E98CD416A</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>
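
A check an MDM administrator can run before pushing such a profile, to confirm it is CA-only and carries no client identity. This is an added example, not part of the original ticket or OpenVPN's code; it assumes VendorConfig keys mirror OpenVPN directive names (`cert`, `key`, `pkcs12`), as `ca` does above, and the sample profile is constructed with placeholder values.

```python
import plistlib

# Directive names that would carry client credential material.
# Assumption: VendorConfig keys mirror OpenVPN directive names, as `ca` does.
IDENTITY_KEYS = ("cert", "key", "pkcs12")

# Constructed sample, trimmed from the profile in the ticket (placeholder values).
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadContent</key><array><dict>
    <key>PayloadType</key><string>com.apple.vpn.managed</string>
    <key>UserDefinedName</key><string>OpenVPN</string>
    <key>VPNSubType</key><string>net.openvpn.connect.app</string>
    <key>VendorConfig</key><dict>
      <key>ca</key><string>PLACEHOLDER-CA-PEM</string>
      <key>client</key><string>NOARGS</string>
      <key>remote</key><string>vpn.example.invalid udp</string>
    </dict>
  </dict></array>
  <key>PayloadType</key><string>Configuration</string>
</dict></plist>"""


def audit_profile(data: bytes) -> list:
    """Return one finding per OpenVPN Connect VPN payload in a .mobileconfig."""
    profile = plistlib.loads(data)
    findings = []
    for payload in profile.get("PayloadContent", []):
        # Only managed VPN payloads handled by the OpenVPN Connect app.
        if payload.get("PayloadType") != "com.apple.vpn.managed":
            continue
        if payload.get("VPNSubType") != "net.openvpn.connect.app":
            continue
        vendor = payload.get("VendorConfig", {})
        embedded = [k for k in IDENTITY_KEYS if k in vendor]
        findings.append({
            "name": payload.get("UserDefinedName", "<unnamed>"),
            "has_ca": "ca" in vendor,
            "embedded_identity": embedded,
            # CA-only: the client identity must come from elsewhere,
            # e.g. a separately imported .ovpn12 as described in the ticket.
            "ca_only": "ca" in vendor and not embedded,
        })
    return findings


if __name__ == "__main__":
    for finding in audit_profile(SAMPLE):
        print(finding)
```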

Change History (3)

comment:1 Changed 3 years ago by Gert Döring

Owner: changed from yuriy to denys
Status: new → assigned

comment:2 Changed 3 years ago by Antonio Quartulli

Owner: changed from denys to OpenVPN Inc.

comment:3 Changed 16 months ago by Gert Döring

Resolution: wontfix
Status: assigned → closed

OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).

Please resubmit - if still relevant - via https://support.openvpn.net/
