Initial situation: External Sophos UTM of a provider. A client .ovpn file is offered for download for Windows, Linux, Android and iOS.
Problem:
Connections are working fine with Windows and iOS.
But not with Linux (Ubuntu 19.04/19.10) and Android devices!
Version (Ubuntu Linux):
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
OpenVPN client config: (Windows version has "ip-win32 dynamic" in the first line)
Code: Select all
client
dev do
proto tcp
remote domainname.de 443
verify-x509-name "C=de, L=Dortmund, O=Vxxxxxxxxl, CN=ASG_1, emailAddress=admin@domainname.de"
route remote_host 255.255.255.255.255 net_gateway
resolv-retry infinite
noble
persist-key
persist
auth-user-pass
cipher AES-128-CBC
auth MD5
comp-lzo
route-delay 4
verb 3
reneg-sec 0
<ca>
Certificate:
Data:
Version: 3 (0x2)
.....
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
......
</cert>
<key>
-----BEGIN PRIVATE KEY-----
............
</key>
VERIFY ERROR: depth=0, error=format error in certificate's notAfter field: C=de, L=Dortmund, O=Vxxxxxxxxl, CN=ASG_1, emailAddress=admin@domainname.de
and therefore also:
OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
Fatal TLS error (check_tls_errors_co), restarting
and so on ....
No chance to get any help with Linux from the provider. I should install the Windows client.
Others seem to have the same problem.
But I couldn't find a solution anywhere in spite of intensive search and several own attempts.
Please help me. Thanks in advance.