Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Can't add Cert

    OpenVPN
    2
    4
    918
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rlocone last edited by

      I'm getting the following error while attempting to add a cert

      PureVPN
      The submitted private key does not match the submitted certificate data.

      I've already talked with their support and tried fresh files ca.crt, wdc.

      Nothing seems to work.  Working with 2.40 Beta.

      Thanks for your time and attention,
      ![pfsense cert.PNG](/public/imported_attachments/1/pfsense cert.PNG)
      ![pfsense cert.PNG_thumb](/public/imported_attachments/1/pfsense cert.PNG_thumb)

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        So you own their CA?  You would not have the private key of a CA unless you actually could sign off on certs from this CA.. Which I HIGHLY doubt they would be giving you ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 23.01 | Lab VMs CE 2.6, 2.7

        1 Reply Last reply Reply Quote 0
        • R
          rlocone last edited by

          Duh, makes perfect sense….  I just removed the private key and it worked.

          Thanks,

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            Just looked at their instructions - not sure what their point of trying to get you to put the key in for the CA.. They don't have a clue ;)  That is the key they are using for the tls auth - its right in their config..

            
client
dev tun
proto udp
remote vlau-us1-ovpn-udp.pointtoserver.com 53
persist-key
persist-tun
ca ca.crt
tls-auth Wdc.key 1
cipher AES-256-CBC
comp-lzo
verb 1
mute 20
route-method exe
route-delay 2
route 0.0.0.0 0.0.0.0
auth-user-pass
auth-retry interact
explicit-exit-notify 2
ifconfig-nowarn
auth-nocache

            So clearly its not the CA private key ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 23.01 | Lab VMs CE 2.6, 2.7

            1 Reply Last reply Reply Quote 0
            • First post
              Last post