1
18.7 Legacy Series / OpenVPN error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
« on: February 02, 2019, 09:36:16 am »
Hello,
I'm new guy on OPNsense. Last night, I configured OpenVPN server on OPNsense.
Here my specification -
name: openvpn_server
server mode: remote access (ssl/tls user auth)
backend auth: local database
proto: UDP
iface: WAN
dev mode: tun
port: 1194
tls auth: no
dh: 2048
ca: ca
server cert: server (2048, SHA1)
encription algo: AES - 128 -CBC
digest algo: SHA1 (160 bit)
cert depth: one (client + server)
ip tun: 10.0.8.0/24
compression: no
ipv6: no
verb: 3
client specification:
digest algo: sha1
ca: ca
client cert: client (2048, sha1)
===openvpn config file===
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote server.com udp
verify-x509-name "ovpn-server" name
auth-user-pass
verb 3
when I connected to server, I see log SSL3_GET_SERVER_CERTIFICATE:certificate verify failed and OpenVPN disconnected.
I tried to delete and create. but still same.
Any idea?
Thank you.
God bless.
I'm new guy on OPNsense. Last night, I configured OpenVPN server on OPNsense.
Here my specification -
name: openvpn_server
server mode: remote access (ssl/tls user auth)
backend auth: local database
proto: UDP
iface: WAN
dev mode: tun
port: 1194
tls auth: no
dh: 2048
ca: ca
server cert: server (2048, SHA1)
encription algo: AES - 128 -CBC
digest algo: SHA1 (160 bit)
cert depth: one (client + server)
ip tun: 10.0.8.0/24
compression: no
ipv6: no
verb: 3
client specification:
digest algo: sha1
ca: ca
client cert: client (2048, sha1)
===openvpn config file===
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote server.com udp
verify-x509-name "ovpn-server" name
auth-user-pass
verb 3
when I connected to server, I see log SSL3_GET_SERVER_CERTIFICATE:certificate verify failed and OpenVPN disconnected.
I tried to delete and create. but still same.
Any idea?
Thank you.
God bless.