Opened 9 years ago

Closed 9 years ago

#317 closed Bug / Defect (invalid)

verify-x509-name in config file doesn`t work with spaces

Reported by: ls4f Owned by:
Priority: minor Milestone:
Component: Configuration Version: OpenVPN 2.3.2 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:


I decided to update my configuration from tls-remote to verify-x509-name. I`m signing certificates my self so common names often contain spaces.
When I specify the config file like this

  verify-x509-name "Orbis Server" name

I get

  S_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

When I specify the config file like this

  verify-x509-name Orbis Server name

I get

  Options error: unknown X.509 name type: Server

At the same time, this works fine from the command line

 --verify-x509-name "Orbis Sklad" name

Change History (3)

comment:1 Changed 9 years ago by plaisthos

You have a different server name in your command line form than in the configuration file form. Can you check if this is your error?

comment:2 Changed 9 years ago by ls4f

;( I'm terribly sorry about that one ... I swear I triple checked everything (also went through the version control to check if that`s how I'm supposed to use it ...) - no idea how I messed up that one ...
It`s working like a charm now. 10x a lot and I guess I'll do a quad check next time ;)

Last edited 9 years ago by ls4f (previous) (diff)

comment:3 Changed 9 years ago by Samuli Seppänen

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.