Opened 11 years ago

Closed 11 years ago

#317 closed Bug / Defect (invalid)

verify-x509-name in config file doesn`t work with spaces

Reported by: ls4f Owned by:
Priority: minor Milestone:
Component: Configuration Version: OpenVPN 2.3.2 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:


I decided to update my configuration from tls-remote to verify-x509-name. I`m signing certificates my self so common names often contain spaces.
When I specify the config file like this

  verify-x509-name "Orbis Server" name

I get

  S_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

When I specify the config file like this

  verify-x509-name Orbis Server name

I get

  Options error: unknown X.509 name type: Server

At the same time, this works fine from the command line

 --verify-x509-name "Orbis Sklad" name

Change History (3)

comment:1 Changed 11 years ago by plaisthos

You have a different server name in your command line form than in the configuration file form. Can you check if this is your error?

comment:2 Changed 11 years ago by ls4f

;( Im terribly sorry about that one ... I swear I triple checked everything (also went through the version control to check if thats how I`m supposed to use it ...) - no idea how I messed up that one ...
Its working like a charm now. 10x a lot and I guess Ill do a quad check next time ;)

Version 0, edited 11 years ago by ls4f (next)

comment:3 Changed 11 years ago by Samuli Seppänen

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.