search

OpenVPN / openvpn-gui

OpenVPN GUI is a graphical frontend for OpenVPN running on Windows 7 / 8 / 10. It creates an icon in the notification area from which you can control OpenVPN to start/stop your VPN tunnels, view the log and do other useful things.
Other
1.38k stars 397 forks source link

Reintroduce the private key password change feature #686

Closed timolagus closed 1 month ago

timolagus commented 2 months ago

Please add back the private key password change feature removed in version 11.40.0.

This was an extremely useful, security-conscious feature that allowed you to change the default passphrase of a private key created for you by someone else, such as a system administrator. I've relied on this feature for close to 10 years now.

If you cannot or will not reintroduce the feature, can you please explain why it was removed?

selvanair commented 1 month ago

Easiest alternative would be to select to install OpenSSL utilities in OpenVPN installer and use openssl.exe to change the key password. Not as user friendly as a menu item in the GUI, but still effective. User friendly option is to upload the certificate and key to the Windows store and use cryptoapicert option. Possibly more secure too.

The original feature worked in a limited set of situations where the key file is writeable by user and not inlined, so it was felt not worth having dependency on OpenSSL dll just for that.

timolagus commented 1 month ago

Thank you for the info, @selvanair! I fully understand and appreciate you not wanting to maintain a dependancy on a component that's not really even part of the core purpose or scope of your application.

I actually already switched to using the OpenSSL CLI program. Works just fine and quite convenient enough.

Let's just close my pointless issue. 😏