Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Certificate import error?

    OpenVPN
    3
    7
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rocx9
      last edited by

      trying to import user certificate and private key (for Openvpn..witopia) and I get
      Warning: openssl_x509_parse(): unable to parse time string 1610141749Z correctly in /etc/inc/certs.inc on line 416 Warning: openssl_x509_parse(): unable to parse time string 1610141749Z correctly in /etc/inc/certs.inc on line 466 Warning: openssl_

      Any suggestion?
      Thanks
      rocx

      1 Reply Last reply Reply Quote 0
      • D
        divsys
        last edited by

        Warning: openssl_x509_parse(): unable to parse time string 1610141749Z correctly

        My guess would be to check the time synchronization on the pfSense server that created that certficiate.

        I think that points to 2016/10/14 17:49 Zulu (some time in the future).

        But that's just a guess without more info.

        How did you create that certificate, and what version of pfSense are you using?

        -jfp

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Looks similar to a couple older PHP bugs. This.
          http://permalink.gmane.org/gmane.comp.php.cvs.general/66918

          and one where a cert with an end date past 2038 where there was a Y2K38 issue. But those both look like they should be fixed in the PHP version in 2.2.x and 2.3.

          It probably isn't system time/date relevant. In that case it should still import it fine, it just wouldn't work probably with an error along the lines of it being expired, or not yet valid, depending on which direction the clock was off.

          1 Reply Last reply Reply Quote 0
          • R
            rocx9
            last edited by

            Thank you both for trying to help .. The cert was not created by a pfsense.. it was created by witopia (www.witopia.net) for their openvpn service. I was trying to configure my vpn to use the openvpn client feature.. (follow the docs from https://chubbable.com/setup-pfsense-as-openvpn-client

            1 Reply Last reply Reply Quote 0
            • R
              rocx9
              last edited by

              is there a way to import these certs from shell? not using the php?
              Thanks
              ROcx

              1 Reply Last reply Reply Quote 0
              • D
                divsys
                last edited by

                Openssl is alive and running on a standard pfSense install, lot's of how-to's out there for the brave of heart (and patient).

                You could try a manual import to see if there's something wrong with your certificate (or your pfSense install).

                What version of pfSense are you running?

                -jfp

                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  You'd have to mess with base64. Could you send me a copy of the certificate file? No need for the key portion, and the cert on its own isn't usable for anything.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post