OpenVPN client certificate expires but client can still connect

rchrd · January 11, 2021, 04:21:03 PM

Hello,

I'm new to Openvpn management with Opnsense, usually I create openvpn profiles with the command line but anyway I'm facing a strange issue where many client certificates were about to expire so I created new ones and sent them to the users but it seems they can still connect with the old ones although some have been expired for several days.
Once the certificate has expired shouldn't one be unable to connect? I'm lost here :)

thanks for you help!

axel2078 · February 01, 2021, 07:51:25 PM

I'm going to bump this because I'm curious as well.

franco · February 02, 2021, 08:54:25 AM

There is some information missing about your server setup.

Are you using User Auth (username/password) as well as certificate? Maybe you have the wrong mode set where client TLS is optional and not verified by the server.

Cheers,
Franco

OpenVPN client certificate expires but client can still connect

rchrd

January 11, 2021, 04:21:03 PM

axel2078

February 01, 2021, 07:51:25 PM #1

franco

February 02, 2021, 08:54:25 AM #2