Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I get the OpenVPN client to accept our self-signed cert?

    OpenVPN
    2
    4
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      HaburGate
      last edited by

      What am I doing wrong?

      Installed OpenVPN Client Export Utility, built CA, VPN cert, and User cert. Exported package and installed on remote host.

      Every time remote host tries to connect, OpenVPN throws this error:

      TLS_ERROR:  BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
      TLS Error: TLS object -> incoming plaintext read error
      TLS Error: TLS handshake failed

      What am I doing wrong? How do I disable certificate validation?

      PGP Key: 0x82A211A2
      Server:    pool.sks-keyservers.net

      1 Reply Last reply Reply Quote 0
      • H
        HaburGate
        last edited by

        bump, should be a simple answer.

        PGP Key: 0x82A211A2
        Server:    pool.sks-keyservers.net

        1 Reply Last reply Reply Quote 0
        • H
          heper
          last edited by

          you probably did something wrong in generating the certs. (no clue what)

          just start from scratch and try again with new a CA
          generate the servercert&usercert from the newly created CA.

          should be fine

          1 Reply Last reply Reply Quote 0
          • H
            HaburGate
            last edited by

            @heper:

            you probably did something wrong in generating the certs. (no clue what)

            just start from scratch and try again with new a CA
            generate the servercert&usercert from the newly created CA.

            should be fine

            Alright, will do. Thanks.

            PGP Key: 0x82A211A2
            Server:    pool.sks-keyservers.net

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.