Error after Certificate Renew and Update to Latest pfSense Community Version
-
Hello, I'm running pfSense Community Edition Version 2.6.0-RELEASE (amd64) built on Mon Jan 31 19:57:53 UTC 2022
FreeBSD 12.3-STABLE
A few days ago my CA certificate expired. Today I renewed the internal CA without any issue.
But when I try to connect through OpenVPN to pfSense, I get the following log messages:
2022-03-02 10:59:32 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: CN=NETVPN, C=PE, ST=Lima, L=Lima, O=NET, serial=10083492005936740046
2022-03-02 10:59:32 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2022-03-02 10:59:32 TLS_ERROR: BIO read tls_read_plaintext error
2022-03-02 10:59:32 TLS Error: TLS object -> incoming plaintext read error
2022-03-02 10:59:32 TLS Error: TLS handshake failed
2022-03-02 10:59:32 Fatal TLS error (check_tls_errors_co), restarting
Please, any idea how to troubleshoot and fix this issue?
-
@alexparedes said in Error after Certificate Renew and Update to Latest pfSense Community Version:
A few days ago my CA certificate expired. Today I renewed the internal CA without any issue.
After renewing the CA you will also have to renew all certs issued by this CA. That means the server certificate and the client certs, and assign the new certs on both devices.
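
The reply's point can be reproduced offline with the openssl CLI. This is an added example, not part of the original thread; it assumes the renewal generated a new CA key pair, and the CA subject, file names and helper functions are constructed for the demo.

```shell
#!/bin/sh
# Constructed lab: CA subject, file names and helper names are made up for this demo.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: fresh key pair plus self-signed CA certificate.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=EXAMPLE-VPN-CA" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# issue_cert CA LEAF: fresh leaf key and a certificate signed by CA.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$WORK/$2.csr" -days 30 \
        -CA "$WORK/$1.crt" -CAkey "$WORK/$1.key" -CAcreateserial \
        -out "$WORK/$2.crt" 2>/dev/null
}

# chain_ok CA LEAF: succeeds only if LEAF verifies with CA as the trust anchor.
chain_ok() {
    openssl verify -CAfile "$WORK/$1.crt" "$WORK/$2.crt" >/dev/null 2>&1
}

demo() {
    make_ca ca-old
    issue_cert ca-old server
    chain_ok ca-old server && echo "old CA, old server cert: verifies"

    # Renewal modelled as a new key pair under the same subject name.
    make_ca ca-new
    chain_ok ca-new server || echo "new CA, old server cert: rejected"

    # Reissue the server certificate from the renewed CA.
    issue_cert ca-new server
    chain_ok ca-new server && echo "new CA, reissued server cert: verifies"
    chain_ok ca-old server || echo "old CA (stale client config), reissued cert: rejected"
}

demo
```

The last check shows why the client side needs updating too: a peer that still trusts only the old CA certificate rejects anything issued by the renewed one.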
-
@viragomann Thanks!!!!!! Now it is working, but I have another issue when I try to connect:
2022-03-02 14:30:19 [CERVPN] Peer Connection Initiated with [AF_INET]2xx.5x.7x.x1:1xxx9
2022-03-02 14:30:20 AUTH: Received control message: AUTH_FAILED
2022-03-02 14:30:20 SIGUSR1[soft,auth-failure] received, process restarting
2022-03-02 14:30:31 ERROR: could not read Auth username/password/ok/string from management interface
2022-03-02 14:30:31 Exiting due to fatal error
Please, any idea? I reset the password but still have the same issue.
-
@alexparedes
Did you also update the client?
Which client is it?
Also check the server logs for hints on what is failing.