Unable to connect a client to OpenVPN pfsense 2.3
-
Running through the wizard pretty much makes it impossible to mess up… You create the CA, then the server cert, etc..
-
It does not work with the wizard either, so it's kind of weird…
-
No one read/notice this error?
VERIFY ERROR: depth=1, error=certificate is not yet valid:Check your certificates, date, time.
-
Your clients have the wrong certs from your openvpn config then? As I mentioned before your clients are quite OLD.. 2.3.2 is very OLD client…
How are you configuring the client?? Do you have access to your key file?
"11:07:01 2016 WARNING: file 'key.key' is group or others accessible"
-
The certs dates are
Valid From: Thu, 28 Apr 2016 12:59:10 -0500 Valid Until: Sun, 26 Apr 2026 12:59:10 -0500I download the Viscosity files from the client export and run "openvpn config.conf" as I have been doing before. :'(
-
You start this thread on April 25, 2016, 06:09:56 pm and your certificate is
Valid From: Thu, 28 Apr 2016 12:59:10 -0500Maybe today you will be lucky :)
-
"error=certificate is not yet valid"
good catch.. So your time on your pfsense is OFF would seem, if you ran through the wizard and created those dates..
-
Dude I have erased and created the certs a lot, the last time was today….
-
The log message you posted…. never mind.
I also see version 2.3.2 eurephia version, try the latest if possible, dude
-
guys, i have recorded what I do to configure so please check out here and tell me what I am doing wrong.
-
I tried watching that.. its horrific… Why don't you just take some screen shots, and post them?? Vs that up and down, its so freaking blurry can not even tell what your doing..
Why are you trying to use the viscosity config in a linux client?
-
Almost 3 years… ;)
-
Sorry to all, but my problem was not the version… I had my timezone set to "Universal", so the error=certificate is not yet valid was the mismatch between the server and my computer's time
Both versions of openvpn 2.3.2 and 2.3.10 now work fine.
Thank you to all you people.
One last question, where do I put a label to the post as resolved?
-
Go to your first posted message and click "Modify", change the title to add "[Solved]".
-
Being in different timezones is not a problem.. But having the wrong time while your in a timezone sure going to have a problem ;)
Why you should always sync off ntp ;) Which set your time correct for the timezone your in..
But you still have a really OLD client, why would you not updated that… But maybe its because your running on a linux distro that last update was what 2011?
