Still following the thread I mentioned above, I saw that the eval previously was right before RESULT=. I have tried to comment the if statement block and move eval, so this way # eval serial="\$tls_serial_${check_depth}" # if [ -n "$serial" ]; then eval serial="\$tls_serial_${check_depth}" RESULT=$(/usr/local/bin/php-cgi -q /etc/inc/openvpn.tls-verify.php "servercn=$2&depth=$3&certdepth=$4&certsubject=$5&serial=$serial&co nfig=$config") if [ "${RESULT}" = "FAILED" ]; then exit 1 fi # fi and I don't get anymore the error on the certificate! I don't know if I need to open an issue about this. However, now I get the error about the user authentication SENT CONTROL [spike]: 'AUTH_FAILED' (status=1) like I was getting when I set "Certificate Depth = Do Not Check". I looks like I'm not the only one having this issue.