WARNING: No server certificate verification method has been enabled. See http:/

  • Hi,

    every time I connect to my pfsense server I got this message

    WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

    My knowledge about OpenVPN isn't really good but I didn't found a possibility in pfsense Cert Manager to get this working:

    You can build your server certificates with the build-key-server script (see the easy-rsa documentation for more info). This will designate the certificate as a server-only certificate by setting the right attributes. Now add the following line to your client configuration:
    remote-cert-tls server

    Did I miss something in the Cert Manager config options or isn't there a possibility in there till now ?

  • Rebel Alliance Developer Netgate

    I have looked into that, but building keys that way requires some extra openssl.cnf mojo that is tricky to work out when trying to use PHP's OpenSSL functions like we do.

  • Hi jimp,

    thanks for feedback. Just wanted to be sure that I didn't miss anything in the pfsense config.

Log in to reply