Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OVPN will not connect

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 468 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mguebert
      last edited by

      I used to have this working, I upgraded to 2.4 and now when i connect I get this, i have changed personal identifying info

      Sun Nov 05 19:38:14 2017 SIGUSR1[soft,tls-error] received, process restarting
      Sun Nov 05 19:38:19 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xxx.xxx:1194
      Sun Nov 05 19:38:19 2017 UDP link local (bound): [AF_INET][undef]:1194
      Sun Nov 05 19:38:19 2017 UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
      Sun Nov 05 19:38:19 2017 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=US, ST=Random, L=Random, O=Personal, emailAddress=myemail.com, CN=Somone
      Sun Nov 05 19:38:19 2017 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
      Sun Nov 05 19:38:19 2017 TLS_ERROR: BIO read tls_read_plaintext error
      Sun Nov 05 19:38:19 2017 TLS Error: TLS object -> incoming plaintext read error
      Sun Nov 05 19:38:19 2017 TLS Error: TLS handshake failed
      Sun Nov 05 19:38:19 2017 SIGUSR1[soft,tls-error] received, process restarting

      After a few attempts it gets to this

      Sun Nov 05 19:39:45 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xxx.xxx:1194 (si=3

      Another factor i also have a site to site setup with the same certificate and it works fine.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        error=unsupported certificate purpose

        Generate a new server certificate and re-export the client configuration.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.