Similar to how I updated Cutedge Systems’ php, VPN Enabler for Monterey can also be updated to deprecate SHA1 and add support for SHA256 connections with supported VPN clients – the default is SHA1, which was blocked by most VPN software clients in late-2023.
To update VPN Enabler’s easy-rsa, we must update pkitool through these instructions:
1. Open Terminal.app and enter the following commands:
cd /usr/local/cutedge/openvpn/easy-rsa
sudo pico pkitool
*enter your password when prompted*
2. Press the control key and “w” and type in SHA1, then press the return key.
3. When the pico text editor brings your cursor to SHA1, change it to SHA256.
4.
Find out where /usr/local/cutedge/openvpn/easy-rsa is. When you have its location, run:
*insert file path location* upgrade easy-rsa
Then:
Open the 5.0.1 OpenVPN Enabler app, click the Make Clean : Keys and Certs check-box, Restart the OpenVPN Server, and send the newly generated profile to all the OpenVPN clients.
As described here:
https://cutedgesystems.com/software/OpenVPNEnablerforSonoma/