Inline Certificates

Posted: Sun May 27, 2018 3:46 pm
by Fauch
Hi,

maybe I'm stupid, but I cannot get inline certificates to work.

Here's my config:

Code:

client
dev tun
proto udp4

#Server IP and Port
remote dummy.net 1194

resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
key dummy.key
ca dummy.ca
cert dummy.crt
comp-lzo
remote-cert-tls server
#remote-cert-ku f8
mssfix 1420

This config works just fine, but when I replace this line

Code:

ca dummy.ca

with

Code:

ca [INLINE]

and then paste my cert file in between <ca> and </ca> tags, I get

Sun May 27 17:45:13 2018 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Similar things happen if I replace cert or ca with the inline variants.

I feel stupid for being stuck on something so trivial. My OpenVPN client is version 2.46.

Best regards and thanks in advance.

Re: Inline Certificates

Posted: Sun May 27, 2018 4:03 pm
by TinCanTech
Fauch wrote:
Sun May 27, 2018 3:46 pm
when I replace this line

Code:

ca dummy.ca

with

Code:

ca [INLINE]

and then paste my cert file in between <ca> and </ca> tags, I get

Sun May 27 17:45:13 2018 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

You do not replace --ca /path/to/ca.crt with --ca [INLINE]

You get rid of the line --ca /path/to/ca.crt and replace it with:

Code:

<ca>
paste your ca.crt here
</ca>

Fauch wrote:
Sun May 27, 2018 3:46 pm
Sun May 27 17:45:13 2018 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Similar things happen if I replace cert or ca with the inline variants.

I use inline all the time and have no problems with it .. you probably just pasted the wrong file.

Re: Inline Certificates

Posted: Sun May 27, 2018 4:11 pm
by Fauch
Nope, I did not. I triple checked that.

Re: Inline Certificates

Posted: Sun May 27, 2018 6:27 pm
by TiTex
just post your config containing the CA too, as far as I know that information is not secret, but if you want you can also generate some test ca/client/server certs

by the way you need to paste the base64 encoded cert including the -----BEGIN CERTIFICATE-----, -----END CERTIFICATE----- tags
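
Added example, not part of any post in this thread: a small Python linter for the two mistakes raised above, a leftover "ca [INLINE]" directive line and an inline block pasted without its -----BEGIN/END----- lines. The function name lint_ovpn and the sample config (with a placeholder payload instead of a real certificate) are constructed for illustration.

```python
import base64
import re

# Constructed sample config; the base64 payload is a placeholder, not a real certificate.
SAMPLE = """\
client
remote dummy.net 1194
ca [INLINE]
key dummy.key
<ca>
-----BEGIN CERTIFICATE-----
Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXI=
-----END CERTIFICATE-----
</ca>
<cert>
Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXI=
</cert>
"""

PEM_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----\s+(.*?)\s+-----END \1-----", re.S)

def lint_ovpn(text, tags=("ca", "cert", "key")):
    """Return a list of problems with inline <ca>/<cert>/<key> usage (hypothetical helper)."""
    problems = []
    # Collect directive lines that sit outside any <tag>...</tag> inline block.
    outside = re.sub(r"<([\w-]+)>.*?</\1>", "", text, flags=re.S)
    directives = {}
    for line in outside.splitlines():
        parts = line.split()
        if parts and not parts[0].startswith(("#", ";")):
            directives[parts[0]] = parts[1:]
    for tag in tags:
        block = re.search(rf"<{tag}>\n(.*?)\n</{tag}>", text, re.S)
        if directives.get(tag) == ["[INLINE]"]:
            problems.append(f"{tag}: remove the '{tag} [INLINE]' line, keep only <{tag}>...</{tag}>")
        elif tag in directives and block:
            problems.append(f"{tag}: both a file directive and an inline block are present")
        if not block:
            continue
        pem = PEM_RE.search(block.group(1))
        if not pem:
            problems.append(f"{tag}: inline block lacks the -----BEGIN/END----- lines")
            continue
        try:  # the body between the markers must be clean base64
            base64.b64decode("".join(pem.group(2).split()), validate=True)
        except ValueError:
            problems.append(f"{tag}: text between BEGIN and END is not valid base64")
    return problems
```

Calling lint_ovpn(SAMPLE) reports the stray "ca [INLINE]" line and the <cert> block that is missing its BEGIN/END lines. It only checks framing, so it cannot tell whether the pasted CA is the one that actually signed the server certificate.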