OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of blackhiden »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - blackhiden

Pages: [1]
1
18.7 Legacy Series / Re: OpenVPN error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
« on: February 02, 2019, 10:25:51 am »

since I can login to shell, here my configuration file (server):

dev ovpns1
verb 3
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup
down /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown
local (my public ip)
client-disconnect "/usr/local/etc/inc/plugins.inc.d/openvpn/attributes.sh server1"
tls-server
server 10.0.8.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc/1
auth-user-pass-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify user 'Local Database' 'false' 'server1'" via-env
tls-verify "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_auth_verify tls 'server' 1"
lport 1194
management /var/etc/openvpn/server1.sock unix
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /usr/local/etc/dh-parameters.2048.sample
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo no
persist-remote-ip
float
topology subnet

2
18.7 Legacy Series / OpenVPN error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
« on: February 02, 2019, 09:36:16 am »
Hello,
I'm new guy on OPNsense. Last night, I configured OpenVPN server on OPNsense.

Here my specification -
name: openvpn_server
server mode: remote access (ssl/tls user auth)
backend auth: local database
proto: UDP
iface: WAN
dev mode: tun
port: 1194
tls auth: no
dh: 2048
ca: ca
server cert: server (2048, SHA1)
encription algo: AES - 128 -CBC
digest algo: SHA1 (160 bit)
cert depth: one (client + server)
ip tun: 10.0.8.0/24
compression: no
ipv6: no
verb: 3

client specification:
digest algo: sha1
ca: ca
client cert: client (2048, sha1)
===openvpn config file===
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote server.com udp
verify-x509-name "ovpn-server" name
auth-user-pass
verb 3

when I connected to server, I see log SSL3_GET_SERVER_CERTIFICATE:certificate verify failed and OpenVPN disconnected.

I tried to delete and create. but still same.

Any idea?

Thank you.
God bless.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2