openvpn issues

hescominsoon

i get all the way through the wizard and when i hit finish..it bombs and i get a crash error. seems like php is crashing out and so nothing gets done. how do i report this?

when i manually do the remote access server and i create the ca and certificates, when i try to export the clients i get a error bout cannot find the server ca or something. I am stuck now i cannot get openvpn to work now on this brand new 6100 running 25.11. Any pointers would be appreciated.

hescominsoon

Crash report begins. Anonymous machine information:

amd64
16.0-CURRENT
FreeBSD 16.0-CURRENT #41 plus-RELENG_25_11-n256500-a43915e7ef55: Mon Dec 1 19:02:15 UTC 2025 root@pfsense-build-release-amd64-1.eng.atx.netgate.com:/var/jenkins/workspace/pfSense-Plus-snapshots-25_11-main/obj/amd64/mjYGPXLl/var/jenkins/workspace/pfSe

Crash report details:

PHP Errors:
[01-Jan-2026 11:03:24 America/New_York] PHP Fatal error: Uncaught TypeError: openssl_csr_sign(): Argument #4 ($days) must be of type int, string given in /etc/inc/certs.inc:451
Stack trace:
#0 /etc/inc/certs.inc(451): openssl_csr_sign()
#1 /usr/local/www/wizards/openvpn_wizard.inc(583): cert_create()
#2 /usr/local/www/wizard.php(116) : eval()'d code(1): step12_submitphpaction()
#3 /usr/local/www/wizard.php(116): eval()
#4 {main}
thrown in /etc/inc/certs.inc on line 451
[01-Jan-2026 11:16:35 America/New_York] PHP Fatal error: Uncaught TypeError: openssl_csr_sign(): Argument #4 ($days) must be of type int, string given in /etc/inc/certs.inc:451
Stack trace:
#0 /etc/inc/certs.inc(451): openssl_csr_sign()
#1 /usr/local/www/wizards/openvpn_wizard.inc(583): cert_create()
#2 /usr/local/www/wizard.php(116) : eval()'d code(1): step12_submitphpaction()
#3 /usr/local/www/wizard.php(116): eval()
#4 {main}
thrown in /etc/inc/certs.inc on line 451

No FreeBSD crash data found.

hescominsoon

so i got around those issues but now it is not generating the key correctly..i get this when trying to connect

2026-01-01 12:45:58 Cannot pre-load keyfile (pfSense-UDP4-1194-wwarren-tls.key)
2026-01-01 12:45:58 Exiting due to fatal error

hescominsoon

so after multiple deletions, reboots, rerunning the wizard, io got one connection to connect..but i cnaot send any traffic across the tunnel except for pings. 25.11 seems to be quite buggy in regards to openvpn., when i installed the 64 bit current installer the config file was not included..i had to manually export the config..which still is not working correctly. is this a known issue? right now openvpn remote access is simply unusable.

hescominsoon

so i am not trying to use ssl/tls with user auth and now i get failed to connect even when i stop the srvice...delete the profile, and install the new config file. it barfs on the tls key....

pandtech

That definitely sounds frustrating. Since you're seeing both certificate generation errors and TLS key export problems, it feels like there may be multiple bugs involved rather than a simple configuration mistake. If anyone else is testing 25.11, it would be interesting to know whether these OpenVPN issues appeared after a fresh install or only after upgrading. Sometimes checking the periodo entre datas between snapshots and recent fixes can also help identify whether a regression was introduced in a specific build.