1. First you need to split the “ovpn” file into the CA cert, client cert, and client key. If you’re using Crouton with ChromeOS you can do this on the ChromeOS device. Otherwise you’ll need to do this on another machine. The below is from an Ubuntu desktop.

    I’ve also created a small script to do the same: split-ovpn

    $ ls
    client.ovpn
    $ awk ‘//{flag=1;next}/</ca>/{flag=0}flag’ client.ovpn > ca.crt
    $ awk ‘//{flag=1;next}/</cert>/{flag=0}flag’ client.ovpn > client.crt
    $ awk ‘//{flag=1;next}/</key>/{flag=0}flag’ client.ovpn > client.key
    $ openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12

  2. Copy the files to your ChromeOS device via SD Card, USB stick, email, Google Drive, etc.

  3. Goto ChromeOS’s Settings menu

  4. In the Search bar next to “About Chrome OS” type “certificates” and wait for the “HTTPS/SSL > Manage certificates…” button to appear and click it

  5. Select the “Authorities” tab and click “Import…”

  6. Find and select the file “ca.crt”

  7. Select the “Your Certificates” tab and click “Import and Bind to Device…”

  8. Find and select the file “client.p12”

  9. Click “Done”

  10. Click “X” on the Search to bring you back to the main Settings

  11. Click on “Add connection” under “Internet connection”

  12. Select “OpenVPN / L2TP”

  13. Change “Provider Type” to “OpenVPN”

  14. Change “Server CA certificate” to that which you just added

  15. Change “User certificate” to that which you just added

  16. Fill in “Server hostname” with the value found in the original “ovpn” file with the line starting with “remote”. The line will look something like “remote my.hostname.com 1194”. The “Server hostname” would be in this case “my.hostname.com:1194”.

  17. Pick a “Server name”. Can be anything you like.

  18. Enter your client’s “Username” and “Password” if needed.