Hello. Legacy setup works fine but after multiple times following the documentation I cannot get this working.
Thanks for any help!
I get:
Wed Jan 15 15:57:17 2025 VERIFY ERROR: depth=0, error=unsuitable certificate purpose: C=CA, CN=opnsense_ovpn_server, serial=6
Wed Jan 15 15:57:17 2025 OpenSSL: error:0A000086:SSL routines::certificate verify failed:
Wed Jan 15 15:57:17 2025 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jan 15 15:57:17 2025 TLS Error: TLS object -> incoming plaintext read error
Wed Jan 15 15:57:17 2025 TLS Error: TLS handshake failed
Wed Jan 15 15:57:17 2025 Fatal TLS error (check_tls_errors_co), restarting
Are you trying to use a client certificate as a server cert or vice versa?
Quote from: Patrick M. Hausen on January 15, 2025, 11:17:34 PMAre you trying to use a client certificate as a server cert or vice versa?
Thanks I've tried generating both a server cert (CA signed,) and a combined one. The error is the same both ways. I have created a cert for the user.
Quote from: Patrick M. Hausen on January 15, 2025, 11:17:34 PMAre you trying to use a client certificate as a server cert or vice versa?
Quote from: nonsubscriber on January 15, 2025, 11:22:32 PMQuote from: Patrick M. Hausen on January 15, 2025, 11:17:34 PMAre you trying to use a client certificate as a server cert or vice versa?
Thanks I've tried generating both a server cert (CA signed,) and a combined one. The error is the same both ways. I have created a cert for the user.
Geeez I re-did the cert again so I must have missed something, works now. Thanks for steering me in the right direction!