Any plans for "PolarSSL: X509 Certifcate verification failed"?

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
zFsyFakxEA
OpenVpn Newbie
Posts: 2
Joined: Sat Apr 29, 2017 2:33 pm

Any plans for "PolarSSL: X509 Certifcate verification failed"?

Post by zFsyFakxEA » Sat Apr 29, 2017 3:03 pm

PolarSSL in the Android App seems to have a problem with newer certificate chains.
It seems to only ever check depth=0 and not the higher ca certs first.

My config works just fine in the official Windows Client and third-Party Android Apps. Only the official Connect app fails to verify the certs.

Is anybody working on this?

Got the hint to try another app from this issue: https://github.com/Nyr/openvpn-install/issues/236

ConnectApp:
Image

Windows:

Code: Select all

Sat Apr 29 12:53:34 2017 TLS: Initial packet from [AF_INET]180.9.107.10:1416, sid=5bff10eb 343eab6c
Sat Apr 29 12:53:35 2017 VERIFY OK: depth=2, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
Sat Apr 29 12:53:35 2017 VERIFY OK: depth=1, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Sat Apr 29 12:53:35 2017 VERIFY OK: depth=0, OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.opengw.net
Sat Apr 29 12:53:35 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
OpenVPN Client App:
Image

Post Reply