Cetificate manager: "This certificate does not appear to be valid" while importi



  • Hi folks,

    I plan to migrate from another platform currently acting as OpenVPN server to pfSense.
    Current platform stores few hundreds of accounts with certificates thus my goal is obviously not to create and distribute these certificates again. This would make migration quite painful.
    So I'm trying to import existing certificates  8)

    Importing CA works seamlessly but importing users certificate fails with error message:
    "This certificate does not appear to be valid."

    I suspect this could be due to missing attribute like Organization or country but there is nothing obvious in logs (at leas for what is accessible from GUI. I'll check further at system level).

    If my assumption is correct, do you think it would be realistic to tweak OpenSSL conf so that such certificates can be imported and used by clients ?



  • Adding some comment here:

    As far as I understand, importing user's certificate in pfSense is not mandatory as long as OpenVPN server certificate is issued by same (or trusted) CA but not importing these users certificates will mean that revoking it will not be feasible or at least easy.
    Am I correct ? ???


Log in to reply