Messages - blackhiden

#1

Since I can log in to the shell, here is my configuration file (server):

dev ovpns1
verb 3
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup
down /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown
local (my public ip)
client-disconnect "/usr/local/etc/inc/plugins.inc.d/openvpn/attributes.sh server1"
tls-server
server 10.0.8.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc/1
auth-user-pass-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify user 'Local Database' 'false' 'server1'" via-env
tls-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify tls 'server' 1"
lport 1194
management /var/etc/openvpn/server1.sock unix
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /usr/local/etc/dh-parameters.2048.sample
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo no
persist-remote-ip
float
topology subnet

#2

Hello,
I'm a new guy on OPNsense. Last night, I configured an OpenVPN server on OPNsense.

Here is my specification:
name: openvpn_server
server mode: remote access (ssl/tls user auth)
backend auth: local database
proto: UDP
iface: WAN
dev mode: tun
port: 1194
tls auth: no
dh: 2048
ca: ca
server cert: server (2048, SHA1)
encryption algo: AES-128-CBC
digest algo: SHA1 (160 bit)
cert depth: one (client + server)
ip tun: 10.0.8.0/24
compression: no
ipv6: no
verb: 3

client specification:
digest algo: sha1
ca: ca
client cert: client (2048, sha1)
===openvpn config file===
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote server.com udp
verify-x509-name "ovpn-server" name
auth-user-pass
verb 3

When I connected to the server, I saw the log SSL3_GET_SERVER_CERTIFICATE:certificate verify failed and OpenVPN disconnected.

I tried to delete and create, but it is still the same.

Any idea?

Thank you.
God bless.