Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN why so hard to download config file?

    Scheduled Pinned Locked Moved OpenVPN
    26 Posts 6 Posters 4.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan @lmh1
      last edited by

      @lmh1 said in OpenVPN why so hard to download config file?:

      Did you also know if some packages that you install mess up this system, in yesterday i need to reset to default setting becauce i install some packes for trying but its give debug issue php files corrupt.
      So why did pfsense add poor packages that mess up this system? Its poor.

      Norwegian or not, why talking of "poor" instead of naming the package ?

      An OpenVPN server setup isn't a good example of click-click-click and done - but it can be done in a couple of minutes.
      Millions are using it every day so I guess it was removed from the rocket science status ages ago.

      I do not remember if I used a email or a user name in my auto generated certs, needed for my VPN to work (I do not use User/password auth, only Cert/TLS). This boils down to : I generate a lock and a key. The key will be part of the OVPN file I hand over to the remote user. The OpenVPN server has the lock. If the two fits, the user can connect. Basta. That's it.
      I don't bother email addresses or host names and don't know what's in that certificate.

      @lmh1 I : as @johnpoz : I still do not understand what your issues are.
      Maybe it's the language barrier ^^ (I'm Dutch, live in France and pas most of my time on English and German forums).

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 1
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @lmh1
        last edited by johnpoz

        @lmh1 said in OpenVPN why so hard to download config file?:

        I did not find a way to add certifiate to a user.

        What do you mean - it gives you step by step info the link I provided..

        Adding a User with a Certificate
        If the mode has been left at the wizard’s default or on a mode that includes local user authentication, a user must be created in the user manager.

        Navigate to System > User Manager
Click fa-plus To add a user
Fill in Username
Fill in Password / Confirm password
Check Click to create a user certificate.
Fill in the Descriptive Name as the username
Choose the appropriate Certificate Authority

        Stop watching nonsense videos from years ago - from idiots, and follow the documentation given.

        Did you think to look in the pfsense book?
        https://docs.netgate.com/manuals/pfsense/en/latest/the-pfsense-book.pdf#section.20.3

        did not give corrrect error message.

        Why should it give you an error message? But it clearly told you that if you don't see the certs why that might be! You posted it yourself

        If a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate, the client certificate does not exist on this firewall, or a user certificate is not associated with a user when local database authentication is enabled.

        Sorry its not written at a 3rd grade level - but that is CRYSTAL CLEAR to why you might not see a cert listed in users in the export package..

        If that is the info you do not understand - then why not just ask that?

        Or ask hey there are no users listed in the export tool? etc... Sorry but pretty much all your doing is gibberish pointing out nonsense videos..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 1
        • L
          lmh1
          last edited by

          Thx for help guys but i have this issue again:

          The following input errors were detected:

Microsoft Certificate Storage cannot be used with an Inline configuration.
Could not locate the CA reference for the server certificate.
Failed to export config files!
          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            @lmh1 said in OpenVPN why so hard to download config file?:

            Microsoft Certificate Storage cannot be used with an Inline configuration.
            Could not locate the CA reference for the server certificate.

            And what do you not understand with that plain english?? You can not grab a inline config and use MS storage..

            What server cert are you using in your configuration?? Where did you get it?

            Follow the instructions given..

            Or vs posting up links to stupid guides you have said you have followed - how about posting your actual config..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • L
              lmh1
              last edited by lmh1 

              self-signed 	2 	unknown

              Valid From:
              Valid Until: OpenVPN Server
              OpenVPN Client
              LDAP Server

              I get config file from port 1195 but not from 1194.
              But it say no can not read ca files, did i need with vpn files or its pfsense issue is?

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                Dude are you freaking serious??? I think your just trolling now.

                That is just freaking gibberish.. Valid until Openvpn server - What??

                The freaking wizard walks you through creating a CA on pfsense to use - and then walks you through creating the server cert to use!

                All of which is gone over in the doc I linked you too.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.