auto apache https certificate download for openvpn clients
$250-750 USD
クローズ
投稿日: 13年以上前
$250-750 USD
完了時にお支払い
Hi,
I am looking for someone who can build a module for the openvpn client that would connect to an apache server and download the authentication PKI files needed for the openvpn client. These files are the certificates and keys required for the client in order to authenticate the user.
The idea is you would write a module that would call each of the necessary files (4 in total) over a secure https connection. The reason for this is that the private key to the client is sensitive and must be kept confidential. In addition there is a configuration file which has the format *.ovpn
The 4 authentication files need only be downloaded as these are static but the *.ovpn is dynamic. There should exist a method whereby these can be updated every now and again automatically. This can be done over http via the apache server as well.
The website is up and operational and awaiting a developer for this next stage of client app building.
Other points to note are that the build of the openvpn client needs to be altered to remove the easy-rsa and certificate generation files that are not needed (plus the module) . The icon needs to be changed. This will be provided to you. Also other minor modifications to white label and customise the installation so it has the name of the website. All this I can assist with. One other very important note is that openvpn must be run in administrator mode and so the installation should enable this on the executable file by default.
The concept is that our users do not have to do anything other than click install and then by entering username and password can download the certificates and connect to the openvpn hub.
This project has been tried before but previous obligations and time constraints meant that I lost the last developer. Please find below the conversation between the web design team and the afore mentioned developer on his thoughts about how to implement this solution. He proposed directory browsing via an xml file to get the necessary files. This is a suggestion but any SECURE method of implementing this are welcome.
****************
WD = Web Designer
D = Developer
WD - Just had a nice chat with Chris and now understand the process a lot better.
WD - We need to deliver 4 different certificate files to the client application upon request.
WD -Please use the following URL structure to get the files:
WD - [login to view URL]{{Name of file}}&email={{Uses email address}}&password={{Users password}}
D - I understand this. To avoid misunderstanding in future communication, I like to comment that "not all files are certificate, there are also key file". (if you ask me how many certificate, i will reply 2 or 3)
D - About this url, we provide user/pass every download, so we do not need pre-authentication step.
D - It look like you have a website framework with authentication, and then you add a module call com_bubble, Desktop Application can control http section and cookie very well, so, if you want, just provide me authentication mechanism that might easier for you to write new module.
WD - The client side application will also need to download one or more *.ovpn files that will all be located in a directory that Chris will determine at a later stage. Please note that directory browsing will need to be enabled on this directory so that the PC client can fetch a list of all the files needed to be downloaded.
D - It is possible to do that. Anyway, I prefer an xml that return a list of files to download.
D - The reason for xml is "Directory browsing" will return directory struct in html (html parser is error prone), that is done by apache instead of php code. There is no promises from apache to keep html directory struct. And it require a step when you deploy website.
***********
This project comes with a bonus for quick completion. Serious people only who are able to communicate well in English.
Cj