Openvpn Client Export - not show user/cert

foxx155 · Jan 22, 2019, 2:59 PM

Cert for OpenVPN:
Devcenter OpenVPN cert
Server Certificate
CA: No
Server: Yes
Internal Certificate Authority ..................
CN=Devcenter OpenVPN cert, C=HU
Valid From: Wed, 18 May 2016 22:48:20 +0200
Valid Until: Sat, 16 May 2026 22:48:20 +0200

OpenVPN Config:
GW Group WANCsoport UDP4 / 1198 192.168.99.0/27
Crypto: AES-256-CBC/SHA1
D-H Params: 2048 bits client (tun)
Backend for authentication: Windows_AD
SSL+User auth
Server certificate: Devcenter OpenVPN cert

I conected the pf to my Windows AD. Backend for authentication settings only for Windows_AD.
And the Client Export empty.
The cert assigned to local "admin" user.

Rico · Jan 22, 2019, 3:03 PM

Did you pick the correct Server from the list?

-Rico

Konstanti · Jan 22, 2019, 7:11 PM

@foxx155
Another option-client certificate created ???
System/User Manager/Users/ Edit

Openvpn Server settings

Openvpn /client export utility
Post Rico

foxx155 · Jan 23, 2019, 8:41 AM

@rico said in Openvpn Client Export - not show user/cert:

pick the correct Server

Yes i pick the correct Server.

foxx155 · Jan 23, 2019, 8:43 AM

@konstanti

I use AD backand authentication only, dont use local database auth.
AD groupe name "pfsense_vpnuser" and pfsense group"pfsense_vpnuser" with correct permission.

if I manually download the cert and I did the ovpn filet then it works.

foxx155 · Jan 23, 2019, 8:54 AM

Rico · Jan 23, 2019, 9:34 AM

Your Certificate Tab only shows a Server Cert for OpenVPN, you also need to create User Certificates in SSL/TLS + User Auth Mode.
After creating a Cert per User they will show up in the Client Export.
ATM they do not show up because your configuration is not complete.

-Rico

foxx155 · Jan 23, 2019, 9:54 AM

thanks Rico, its work. :)