How do I get the OpenVPN client to accept our self-signed cert?

HaburGate · Jun 25, 2014, 2:28 PM

What am I doing wrong?

Installed OpenVPN Client Export Utility, built CA, VPN cert, and User cert. Exported package and installed on remote host.

Every time remote host tries to connect, OpenVPN throws this error:

TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed

What am I doing wrong? How do I disable certificate validation?

HaburGate · Jun 25, 2014, 9:06 PM

bump, should be a simple answer.

heper · Jun 25, 2014, 9:20 PM

you probably did something wrong in generating the certs. (no clue what)

just start from scratch and try again with new a CA
generate the servercert&usercert from the newly created CA.

should be fine

HaburGate · Jun 26, 2014, 8:53 PM

@heper:

you probably did something wrong in generating the certs. (no clue what)

just start from scratch and try again with new a CA
generate the servercert&usercert from the newly created CA.

should be fine

Alright, will do. Thanks.