From 0f40bd445c1a308d0e7b573a9b497f39585ad611 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 10 Feb 2017 15:47:01 +0000 Subject: [PATCH] fixed iOS issues --- config.cfg | 4 ++-- roles/vpn/tasks/main.yml | 2 +- roles/vpn/templates/mobileconfig.j2 | 2 +- users.yml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/config.cfg b/config.cfg index af31bb78..c7715f28 100644 --- a/config.cfg +++ b/config.cfg @@ -2,8 +2,8 @@ # Add as many users as you want for your VPN server here users: - - dan - - jack + - akirilov + - kimla # Add an email address to send logs if you're using auditd for monitoring. # Avoid using '+' in your email address otherwise auditd will fail to start. diff --git a/roles/vpn/tasks/main.yml b/roles/vpn/tasks/main.yml index 17d1bc82..24485abf 100644 --- a/roles/vpn/tasks/main.yml +++ b/roles/vpn/tasks/main.yml @@ -197,7 +197,7 @@ chdir: "configs/{{ IP_subject_alt_name }}/pki/" creates: certs/{{ item }}_crt_generated environment: - subjectAltName: "DNS:{{ IP_subject_alt_name }}" + subjectAltName: "DNS:{{ IP_subject_alt_name }}_{{ item }},IP:{{ IP_subject_alt_name }}" with_items: "{{ users }}" - name: Build the client's p12 diff --git a/roles/vpn/templates/mobileconfig.j2 b/roles/vpn/templates/mobileconfig.j2 index 9ee20c4f..48307e8f 100644 --- a/roles/vpn/templates/mobileconfig.j2 +++ b/roles/vpn/templates/mobileconfig.j2 @@ -86,7 +86,7 @@ 1440 LocalIdentifier - {{ item.0 }} + {{ IP_subject_alt_name }}_{{ item.0 }} PayloadCertificateUUID {{ pkcs12_PayloadCertificateUUID }} CertificateType diff --git a/users.yml b/users.yml index 74826b48..e2fa14e6 100644 --- a/users.yml +++ b/users.yml @@ -71,7 +71,7 @@ chdir: "configs/{{ IP_subject_alt_name }}/pki/" creates: certs/{{ item }}_crt_generated environment: - subjectAltName: "DNS:{{ IP_subject_alt_name }}" + subjectAltName: "DNS:{{ IP_subject_alt_name }}_{{ item }},IP:{{ IP_subject_alt_name }}" with_items: "{{ users }}" - name: Build the client's p12 @@ -110,7 +110,7 @@ chdir: "configs/{{ IP_subject_alt_name }}/pki/" creates: crl/{{ item }}_revoked environment: - subjectAltName: "DNS:{{ IP_subject_alt_name }}" + subjectAltName: "DNS:{{ IP_subject_alt_name }}_{{ item }},IP:{{ IP_subject_alt_name }}" when: item not in users with_items: "{{ valid_certs.stdout_lines }}"