OpenVPN why so hard to download config file?
-
@lmh1 said in OpenVPN why so hard to download config file?:
Did you also know if some packages that you install mess up this system, in yesterday i need to reset to default setting becauce i install some packes for trying but its give debug issue php files corrupt.
So why did pfsense add poor packages that mess up this system? Its poor.Norwegian or not, why talking of "poor" instead of naming the package ?
An OpenVPN server setup isn't a good example of click-click-click and done - but it can be done in a couple of minutes.
Millions are using it every day so I guess it was removed from the rocket science status ages ago.I do not remember if I used a email or a user name in my auto generated certs, needed for my VPN to work (I do not use User/password auth, only Cert/TLS). This boils down to : I generate a lock and a key. The key will be part of the OVPN file I hand over to the remote user. The OpenVPN server has the lock. If the two fits, the user can connect. Basta. That's it.
I don't bother email addresses or host names and don't know what's in that certificate.@lmh1 I : as @johnpoz : I still do not understand what your issues are.
Maybe it's the language barrier ^^ (I'm Dutch, live in France and pas most of my time on English and German forums). -
@lmh1 said in OpenVPN why so hard to download config file?:
I did not find a way to add certifiate to a user.
What do you mean - it gives you step by step info the link I provided..
Adding a User with a Certificate
If the mode has been left at the wizard’s default or on a mode that includes local user authentication, a user must be created in the user manager.Navigate to System > User Manager Click fa-plus To add a user Fill in Username Fill in Password / Confirm password Check Click to create a user certificate. Fill in the Descriptive Name as the username Choose the appropriate Certificate Authority
Stop watching nonsense videos from years ago - from idiots, and follow the documentation given.
Did you think to look in the pfsense book?
https://docs.netgate.com/manuals/pfsense/en/latest/the-pfsense-book.pdf#section.20.3did not give corrrect error message.
Why should it give you an error message? But it clearly told you that if you don't see the certs why that might be! You posted it yourself
If a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate, the client certificate does not exist on this firewall, or a user certificate is not associated with a user when local database authentication is enabled.
Sorry its not written at a 3rd grade level - but that is CRYSTAL CLEAR to why you might not see a cert listed in users in the export package..
If that is the info you do not understand - then why not just ask that?
Or ask hey there are no users listed in the export tool? etc... Sorry but pretty much all your doing is gibberish pointing out nonsense videos..
-
Thx for help guys but i have this issue again:
The following input errors were detected: Microsoft Certificate Storage cannot be used with an Inline configuration. Could not locate the CA reference for the server certificate. Failed to export config files!
-
@lmh1 said in OpenVPN why so hard to download config file?:
Microsoft Certificate Storage cannot be used with an Inline configuration.
Could not locate the CA reference for the server certificate.And what do you not understand with that plain english?? You can not grab a inline config and use MS storage..
What server cert are you using in your configuration?? Where did you get it?
Follow the instructions given..
Or vs posting up links to stupid guides you have said you have followed - how about posting your actual config..
-
self-signed 2 unknown
Valid From:
Valid Until: OpenVPN Server
OpenVPN Client
LDAP ServerI get config file from port 1195 but not from 1194.
But it say no can not read ca files, did i need with vpn files or its pfsense issue is? -
Dude are you freaking serious??? I think your just trolling now.
That is just freaking gibberish.. Valid until Openvpn server - What??
The freaking wizard walks you through creating a CA on pfsense to use - and then walks you through creating the server cert to use!
All of which is gone over in the doc I linked you too.