Import User Certificates from stand alone OpenVPN server to Pfsense



  • Hello, What I'm trying to do is migrate a group of clients from a stand alone OpenVPN server, so far I managed to import the CA and Server Cert/key but when I'm trying to import a user certificate in the System->Cert.Manager->Certificates->Add/Sign Option, I get the message "The submitted private key does not match the submitted certificate data."

    Additional information about the Client certs is they were build with cert+password in OpenVPN Server.

    Deploying new certs is not an alternative, I have to import those OpenVPN client cert/key files.

    Any advices?

    Thanks in advaced.


  • Rebel Alliance Developer Netgate

    Are the certificates+keys password protected? If not, you can't import them without removing that password.

    That said, you do not need to import user certificates to use them. They won't be usable with the export package, but they are still valid for VPN Access so long as they validate against the CA as they should, and provided they are not on an active CRL.


Log in to reply