Hello,
I have a root CA just for example CA1 and I also sign sub CA on behalf of root CA, my Sub-CA is CA2, and I do stacked both CAs in a single file, I have test that following scenarios,
Server side, set as below client can connect by selecting same CA1.crt CA file.
Code: Select all
ca "C:\\Program Files\\OpenVPN\\config\\ca1.crt"
Server side, set as below client can connect by selecting same CA1.crt CA file, but unable to connect when they select only CA2.crt
Code: Select all
ca "C:\\Program Files\\OpenVPN\\config\\ca2.crt"
Server side, set as below client can connect by selecting same stacked.crt CA file, and CA1 file, but still unable to connect when select only CA2.crt from client devices.
Code: Select all
ca "C:\\Program Files\\OpenVPN\\config\\stacked.crt"
my requirement is client can connect even they select CA1.crt and CA2.crt from their client devices need your help what configuration i have to do at server and client side to meet my requirement.
Regards,
Jebran.