Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Certificates: private key does not match the submitted certificate data

    2.4 Development Snapshots
    2
    3
    3.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pf3000
      last edited by

      Pasting/importing this in certificate data and private key data throws an error.

      The following input errors were detected:
      The submitted private key does not match the submitted certificate data.

      -----BEGIN EC PRIVATE KEY-----
      MHQCAQEEINI+wACDB8XFDfC4WFtiI57ZVMHI0p2cc1VJ8RbNC0YuoAcGBSuBBAAK
      oUQDQgAEAR+4uR42xOaCxhgZgjoz45H1SnHEi23RQ1Mp22azO0xjryesL/+HJkOO
      uJVLidAFvnYt/W1sHnT0RDHxXEG/hA==
      -----END EC PRIVATE KEY-----
      -----BEGIN CERTIFICATE-----
      MIIBfDCCASKgAwIBAgIBAzAJBgcqhkjOPQQBMCAxHjAcBgNVBAMMFeOCveODi+OD
      vOagquW8j+S8muekvjAeFw0xNzA0MTUwMDAwMDBaFw0yNzA0MTQyMzU5NTlaMCAx
      HjAcBgNVBAMMFeOCveODi+ODvOagquW8j+S8muekvjBWMBAGByqGSM49AgEGBSuB
      BAAKA0IABAEfuLkeNsTmgsYYGYI6M+OR9UpxxItt0UNTKdtmsztMY68nrC//hyZD
      jriVS4nQBb52Lf1tbB509EQx8VxBv4SjUTBPMAwGA1UdEwEB/wQCMAAwHQYDVR0O
      BBYEFOQygEqrgFKGNJU4tM6AevcUhadRMAsGA1UdDwQEAwIEsDATBgNVHSUEDDAK
      BggrBgEFBQcDAjAJBgcqhkjOPQQBA0kAMEYCIQDNUT3nc3AE9LUDVn/ShKPuQ0V3
      SpdperlFajXrrGgmqQIhAKHC1+9LqObqNPOUcTUDc0/Y0cbRWMBeljnDU2FshCnb
      -----END CERTIFICATE-----
      
      

      I am trying to setup an OpenVPN (2.4) client with EC crypto. I've tested the connection successfully using the windows client. As usual, RSA client cert and key is no problem. What gives?

      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        I've made a pull-request to fix this: https://github.com/pfsense/pfsense/pull/3693

        1 Reply Last reply Reply Quote 0
        • P
          pf3000
          last edited by

          @PiBa tested the patch and it works beautifully. Thanks so much :)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.