Re: Re: Certificate Question

Home Page Forums Network Management ZeroShell Certificate Question Re: Re: Certificate Question

#46211

Ok, got it working. This is what I had to do:

Export the Trusted CA cert, and use that as the CA.pem in the OpenVPN configuration file.
Exported the CA cert (in the X509 section) and used that as the client/key.pem in the OpenVPN configuration file

@jeremy.haynes wrote:

I am relatively new to Certificates so I’m hoping that someone can help me.

This is what I have done so far:

Generated an X509 Certificate (host cert)
Exported that certificate
Add this certificate to the Trusted CA’s
Checked it off in the OpenVPN X509 Authentication Window
Authentication set to X509 Certificate + Password
Copied said .pem file into OpenVPN config folder
Edited .ovpn file to point to .pem file
Try to login and get this error in the OpenVPN logfile

Mon Mar 10 21:20:24 2008 us=811976 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=IT/O=Zeroshell.net/OU=Example/CN=Haynes_CA/emailAddress=xxx@xxxx (removed this for posting)
Mon Mar 10 21:20:24 2008 us=812104 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Does anyone have any suggestions on what might cause this?

thanks for your time.