Opened 5 years ago
Closed 4 years ago
#1172 closed User question (notabug)
Certificate failed
Reported by: | ojaswini | Owned by: | Eric Crist |
---|---|---|---|
Priority: | critical | Milestone: | |
Component: | easy-rsa | Version: | |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | certificate failed |
Cc: |
Description
I crated new server certificate and below is the screenshot where the validity can be seen.
However, when I generated new client certificates I am getting the handshake failed error. Attached is the log file.
Also, attached are the old certificate and new certificate details.
Please suggest.
Attachments (3)
Change History (5)
Changed 5 years ago by
Attachment: | openvpn1.log added |
---|
comment:1 Changed 5 years ago by
The old certificate you posted is a server certificate, the new one is a client certificate
X509v3 Extended Key Usage:
TLS Web Client Authentication
If you are using that one on the server the client will reject it if --remote-cert-tls server
is enabled on it, which is the recommended usage.
Generate a server certificate (one with TLS Web Server Authentication EKU) and use it on the server.
comment:2 Changed 4 years ago by
Resolution: | → notabug |
---|---|
Status: | new → closed |
log file