Client Configuration Profile

The VPN configuration profile, denoted by the .vpntoolkit file extension, is a simple JSON-based file describing the necessary configuration settings about a VPN server network. It can also contain personalized user credentials, allowing one-click connectivity to the VPN.


Profiles should only be installed from trusted sources, as they contain the root certificate authority (CA) certificate, from which, all client/server trust is rooted (pun fully intended!).

Configuration Profile Keys


  • ca* : Base64 encoded DER form of the root CA certificate
  • pkcs12: Base64 encoded PKCS12 identity


  • username: Username (when using userpass authentication method)
  • password: Password (when using userpass authentication method)
  • token: Authentication token (when using token authentication method)
  • pkcs12_password: password to decrypt PKCS12 identity
  • protocol: VPN protocol
  • server: Server address with port number (e.g., host:port), with port defaulting to 443 if omitted
  • server_list_url: Server list URL
  • server_ping_count: Number of pings to send when measuring server latency

All keys are strings, except lengths and counters, which are integers.

Not all keys are supported on all platforms.

Pushing new versions of the configuration profile is not yet supported.

Client Configuration Profile

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.