We updated Zeroshell to Release 3.8.2 and now the VPN clients cannot connect, none of them.
I’ve recreated all PEM, keys and everything on a couple of servers for testing and both come with the same error:
Certificate does not have key usage extension VERIFY KU ERROR
OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
Fatal TLS error (check_tls_errors_co), restarting
SIGUSR1[soft,tls-error] received, process restarting
What should I do to fix this? Server currently has openvpn 2.4.4 and the servers 2.4.0; this was working fine before and we just updated the firewall..