Client Export Can't Locate "the Requested Certificate"
-
We have a peer-to-peer VPN using the OpenVPN server in pfSense 2.6. The Open VPN Client Export Utility was just upgraded to version 1.6_6. Since then, the export utility fails and returns "Unable to locate the requested certificate" in a red banner at the top of the utility's page.
Our configuration uses an Active Directory Radius server to provide authentication. Other server notes are:
- Device mode: TUN
- Protocol: UDP on IPv4 Only
- TLS Encryption and Authentication in the default direction
- Root CA
- Revocation List
- Server Certificate for the external FQDN, which has a different hostname than is used internally.
- Enable Data Encryption negotiation
- Redirect all traffic from WAN through pfSense
The client is configured to use x509 verification where possible, block outside DNS. When I go to do the client download, I get the error message. I don't know which certificate it's talking about. They're all good.
I've created a new server certificate and futzed with numerous settings and checked Redmine for clues, but the only thing close relies on PKCS, which we aren't using. I have no idea where to go from here. I'll be grateful for suggestions.
-
@eveningstarnm Same problem.
-
same problem, any help?
-
J jimp moved this topic from OpenVPN on
-
What authentication mode is the server set for? (e.g. SSL/TLS, User Auth, SSL/TLS + User Auth)
If it's set for user auth, is the authentication local or through an authentication server (RADIUS, LDAP, etc)?
-
@jimp
Server mode Remote Access (User Auth)
Backend with Active Directory server. -
-
-
Should be fixed in pkg v1.7_2 and v1.6_7 (and later)
-
@jimp Fixed!
