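#!/bin/bash
# Builds a single-file OpenVPN client profile (NAME.ovpn) in the current
# directory from an existing EasyRSA client certificate and private key, the
# CA certificate and the shared TLS key.
#
# Usage: run from the directory that contains ./easyrsa and ./server and type
# the client name when prompted.
#
# The resulting profile embeds the client's private key and the shared TLS
# key. It is therefore written with owner-only permissions and should only be
# handed to the client over a trusted channel.
set -euo pipefail

# Default Variable Declarations
# NOTE(review): this header sets no server-certificate check such as
# `remote-cert-tls server`; consider adding one if the server certificate
# carries the matching extended key usage.
DEFAULT="client \n proto udp \n remote my.openvpn.server.ru \n port 41991 \n dev tun \n nobind \n route 10.100.0.0 255.255.255.0\n\n"
FILEEXT=".ovpn"
CRT=".crt"
KEY=".key"
CA="ca.crt"
TA="tc.key"
sPath="./easyrsa/pki/issued/"
kPath="./easyrsa/pki/private/"
pPath="./easyrsa/pki/"
tPath="./server/"

# Print a message on stderr and stop with a failure status, so callers and
# automation can tell that no profile was produced.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Abort unless $1 is a regular file; otherwise report it as found.
#   $1 - path to check
#   $2 - text used in the error message
#   $3 - text used in the success message
require_file() {
  local path=$1 missing=$2 found=$3
  [[ -f "$path" ]] || die "[ERROR]: $missing: $path"
  printf '%s\n' "$found: $path"
}

#Ask for a Client name
echo "Please enter an existing Client Name:"
# -r keeps backslashes literal. A failed read (EOF) leaves NAME empty, which
# the validation below rejects with a clear message.
read -r NAME || true

# NAME is spliced into the certificate path, the key path and the output file
# name. Restrict it to a plain file-name component so input such as "../x" or
# "-rf" cannot point the script at other files or be read as an option.
name_re='^[A-Za-z0-9_][A-Za-z0-9_.@+-]*$'
[[ "$NAME" =~ $name_re ]] \
  || die "[ERROR]: Invalid Client Name: use only letters, digits and _ . @ + - (first character a letter, digit or _)"
ovpnName=$NAME
out="$ovpnName$FILEEXT"

#1st Verify that client's Public Key Exists
require_file "$sPath$NAME$CRT" "Client Public Key Certificate not found" "Client's cert found"
#Then, verify that there is a private key for that client
require_file "$kPath$NAME$KEY" "Client Private Key not found" "Client's Private Key found"
#Confirm the CA public key exists
require_file "$pPath$CA" "CA Public Key not found" "CA public Key found"
#Confirm the tls-auth ta key file exists
require_file "$tPath$TA" "tls-auth Key not found" "tls-auth Private Key found"

# Build the profile in a private temporary file and move it into place only
# when every section was written. mktemp creates the file readable by the
# owner only, a half-written profile never appears under the final name, and
# the rename replaces an existing file instead of writing through it.
umask 077
tmp=$(mktemp "./${out}.XXXXXX")
trap 'rm -f -- "$tmp"' EXIT

# NOTE(review): each block below is bracketed by empty lines only. OpenVPN
# inline profiles normally wrap embedded material in section tags (ca, cert,
# key, and tls-auth or tls-crypt, each in angle brackets with a closing tag);
# those tags look lost from this copy of the script. Confirm and restore them
# before relying on the generated file. The messages say tls-auth while the
# key file is named tc.key, so check which of the two the server uses.
{
  #Ready to make a new .ovpn file - Start by populating with the default header
  printf '%b\n' "$DEFAULT"
  #Now, append the CA Public Cert
  printf '\n'
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' < "$pPath$CA"
  printf '\n'
  #Next append the client Public Cert
  printf '\n'
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' < "$sPath$NAME$CRT"
  printf '\n'
  #Then, append the client Private Key
  printf '\n'
  cat < "$kPath$NAME$KEY"
  printf '\n'
  #Finally, append the TA Private Key
  printf '\n'
  cat < "$tPath$TA"
  printf '\n'
} >> "$tmp"

mv -f -- "$tmp" "$out"
echo "Done! $ovpnName$FILEEXT Successfully Created."
#Script written by Eric Jodoin
#Update by Eric Maasdorp 2017-12-16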