Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client Export Utility - Imported CA Certs don't work?

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Phobia
      last edited by

      Hello,

      I am no longer able to export configurations from the GUI, but I had been successful at exporting a config file prior to the recent updates to the client export utility with my existing OVPN Server.  I recently updated to 2.0.2, and have updated the package a couple of times, and am now on 1.0.4.

      While my configuration used to show up, it no longer does.  I noticed in the GUI:

      NOTE: If you expect to see a certain client in the list but it is not there, it is usually due to a CA mismatch between the OpenVPN server instance and the client certificates found in the User Manager.

      So I assumed it was some kind of an issue with my certs, but I haven't modified them at all in the same time frame.  I then generated a new CA cert and cert for a new OVPN server, and started up another instance on another port, and that one does show up in the list, so it definitely seems related to my original CA cert.

      The CA I use was one I imported from elsewhere - is that the reason it doesn't work?  Again - it did work once upon a time, so I'm not sure why it stopped now.

      I can of course just replace my certificates, but then I'd need to push out all new configurations to my devices, which while admittedly is now easier than it used to be, is still a process I'd rather avoid if at all possible.

      Thanks in advance for any help or suggestions.

      Phob

      1 Reply Last reply Reply Quote 0
      • G
        godbolt
        last edited by

        Hi,

        I'm having the same issue with a CA I imported from a previous openvpn setup.  Have you had any success getting this to work?

        Thanks

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          When you imported the CA, did you also import the user certificates? Or just the CA?  If you imported the user certs, did you maybe import the certs first and the CA later?

          If you import the CA first, and then the certs, it should locate the proper CA and form an association and work with the client export package as expected.

          Though actually in the code it appears to find it either way (CA imported first or Certs imported first), so long as you import the CA and the user certificates.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.