Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client Export - problems with certificate export

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 1 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zzzz
      last edited by

      Hello,

      I am trying to use the OpenVPN Client Export Utility (version 1.0.6) on pfSense version 2.0.3.  There are various OpenVPN servers setup on this box, some are authenticating with the local database, others are using LDAP.  When trying to export OpenVPN installation/config packages, I don't see a package available with the associated certificate.  For example, if "OpenVPN Server 1" is using "Certificate 1", the export screen does not show a package for "Certificate 1".  If "OpenVPN Server 1" is changed to use "Certificate 2", "Certificate 1" then becomes available on the export screen.  This is repeatable for other OpenVPN servers.  Sometimes, the export utility seems to offer an incorrect cert.  Example: if the label says "Certificate 1", the content of that download may actually be "Certificate 2".  I believe this has happened at least once, but I am less clear on the details of that situation.

      There is only one CA on the box.  I see the note that says "If you expect to see a certain client in the list but it is not there, it is usually due to a CA mismatch between the OpenVPN server instance and the client certificates found in the User Manager.".  But, since I only have 1 CA this shouldn't apply to me, correct?

      I have tried reinstalling the Client Export Utility.

      /tmp/php_errors.txt contained many of these entries:

      [10-Jun-2013 14:25:48] PHP Warning:  in_array(): Wrong datatype for second argument in /usr/local/www/system_certmanager.php on line 786
      [10-Jun-2013 14:25:48] PHP Warning:  in_array(): Wrong datatype for second argument in /usr/local/www/system_certmanager.php on line 786
      [10-Jun-2013 14:25:48] PHP Warning:  in_array(): Wrong datatype for second argument in /usr/local/www/system_certmanager.php on line 786
      [10-Jun-2013 14:25:48] PHP Warning:  in_array(): Wrong datatype for second argument in /usr/local/www/system_certmanager.php on line 786
      [10-Jun-2013 14:25:48] PHP Warning:  in_array(): Wrong datatype for second argument in /usr/local/www/system_certmanager.php on line 786

      I don't know if this is related or not, but figured I would include it here since it references system_certmanager.php.

      Thanks.

      1 Reply Last reply Reply Quote 0
      • Z
        zzzz
        last edited by

        The box was upgraded from 2.0.1 to 2.0.3 last night.  The php errors listed were from when the box was on 2.0.1.  The timestamp on system_certmanager.php has remained at "Feb 26  2011", if that means anything.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.