When following the steps to configure the clients credentials, do not set a password for the PKCS12 file. This will show the icon in "Connection Status and Control" section to allow the download of the "insecure configuration package" , which will contain the .ovpn file with all certificates embedded in it.

Manual Method to create a unified .ovpn file

There are five(5) sections to a unified .ovpn file:

  1. The OpenVPN client conf section
    • The file is obtained from the Download Client Package (zip) above.
    • Download and copy the .ovpn file to a new file. Let's call it myPhone.ovpn.
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
key-direction bidirectional
<ca>
  1. The Root Certificate (ca directive)
    • Open the OpenVPN webpage (Service > OpenVPN), scroll down to the Certificate Authorities and -Keys
    • Download the Root Certificate by clicking on the floppy disk. Locate the cacert.pem file in the Downloads folder.
    • Copy the contents of cacert.pem to end of the myPhone.ovpn
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</ca>
<cert>
  1. The Host Certificate (cert directive) ==> It is the Host certificate of the Client
    • Open the OpenVPN webpage (Service > OpenVPN), scroll down to Connection Status and -Control
    • Locate the correct (Client) Host Certificate and click on the Show host certificate icon (the blue circle i)
    • Scroll to the bottom of the OpenVPN - Host Certificate webpage
    • Copy all of the lines from -----BEGIN CERTIFICATE----- to the end
    • Paste those lines at the end of the myPhone.ovpn file
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</cert>
<key>
  1. The Encrypted Private Key (key)
    • The myPhone.p12 file is obtained from the Download Client Package (zip) above.
    • In the terminal, go to the directory where the myPhone.p12 file is located and enter:
PKCS12_PW=<PKCS12 File Password>  # mentioned above in Preparations
openssl pkcs12 -nocerts -in iPhone.p12 -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW
  1. (continued)
    • Copy all of the lines from -----BEGIN CERTIFICATE----- to the end
    • Paste those lines at the end of the myPhone.ovpn file
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</key>
<tls-auth>
  1. The TA key (tls-auth)
    • The ta.key file is obtained from the Download Client Package (zip) above.
    • Copy the contents of ta.key to end of the myPhone.ovpn
    • Scroll to the end of the myPhone.ovpn file add the two lines below:
</tls-auth>

To install the .ovpn unified file, follow the steps here.

Done creating the unified ovpn file! The myPhone.ovpn file should look similar to the file below.