OpenVPN Instances strict cn matching wont work

[jensl]

Hey,
i am troubled and dont find any way to solve this issues, so maybe someone here can give me a clue what i am doing wrong:

I did create an new instances for an openvpn server and i wanted to activate the strict cn matching feature, but when i do i cant connect:
Client gets an Auth Error
and the Log shows me the following:
Username does not match certificate common name (vpn_jensl != ), access denied.

I am very confused because my username is matching the common name (vpn_jensl) even the description of the cert
any ideas where to look deeper into that issue?
thx!

[Fabian Wenk]

I manage an installation with OpenVPN Server for users where the "Strict User/CN Matching" is set to Yes. In that case all usernames are only with lowercase letters (a - z, no special characters or umlauts or such), and of course with identical CN in the certificate. The description of the certificate is different.

Can you try with an username without the "_", because I think that may not work as a CN in the certificate?

[jensl]

Hey sorry for the late response, i didnt got an notifaction from the board, i created an new account named vpnadmintest (no cases, no special characters and no underscores or anything) - still get the same error,
i created the cn without any changes (clicked search certificates for that user and then created an new one - so the cn should be matching shouldnt it?

Code Select Expand

Warningopenvpn Username does not match certificate common name (vpnadmintest != ), access denied.

[Fabian Wenk]

Please check the details of the certificate itself. In System / Trust / Certificates you get the list of all certificates. Click the (i) button on the right and the certificate content will be shown as text.

Look for the line starting with "Subject:" an then what the 'CN = ' part is showing. If this is not 'vpnadmintest' and something else, but it is what you have entered as Common Name into the certificate.