From ee7264f26e07c090ce2264621ba8c8e68aea49ec Mon Sep 17 00:00:00 2001
From: Jack Ivanov <gunph1ld@users.noreply.github.com>
Date: Wed, 18 Oct 2017 22:15:39 +0200
Subject: [PATCH] Ask users to enter the p12 password manually (#697)

---
 roles/vpn/templates/client_windows.ps1.j2 | 2 +-
 roles/vpn/templates/mobileconfig.j2       | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/roles/vpn/templates/client_windows.ps1.j2 b/roles/vpn/templates/client_windows.ps1.j2
index 81baa6b..b984ab1 100644
--- a/roles/vpn/templates/client_windows.ps1.j2
+++ b/roles/vpn/templates/client_windows.ps1.j2
@@ -1,6 +1,6 @@
 
 function AddAlgoVPN {
-  certutil -f -p {{ easyrsa_p12_export_password }} -importpfx .\{{ item }}.p12
+  certutil -f -importpfx .\{{ item }}.p12
   Add-VpnConnection -name "Algo VPN {{ IP_subject_alt_name }} IKEv2" -ServerAddress "{{ IP_subject_alt_name }}" -TunnelType IKEv2 -AuthenticationMethod MachineCertificate -EncryptionLevel Required
   Set-VpnConnectionIPsecConfiguration -ConnectionName "Algo VPN {{ IP_subject_alt_name }} IKEv2" -AuthenticationTransformConstants GCMAES128 -CipherTransformConstants GCMAES128 -EncryptionMethod AES128 -IntegrityCheckMethod SHA384 -DHGroup ECP256 -PfsGroup ECP256  -Force
 }
diff --git a/roles/vpn/templates/mobileconfig.j2 b/roles/vpn/templates/mobileconfig.j2
index 1a892d8..ce51ea5 100644
--- a/roles/vpn/templates/mobileconfig.j2
+++ b/roles/vpn/templates/mobileconfig.j2
@@ -146,8 +146,6 @@
             <string>IKEv2</string>
         </dict>
         <dict>
-            <key>Password</key>
-            <string>{{ easyrsa_p12_export_password }}</string>
             <key>PayloadCertificateFileName</key>
             <string>{{ item.0 }}.p12</string>
             <key>PayloadContent</key>