ca.crt invalid

jarmar · Post by **jarmar** » Thu Jan 23, 2020 12:49 am

I am trying to generate all certificates using easyrsa on my Windows PC then copy the certs to my EdgeMAX EdgeRouter 4 which has openvpn. I follow the procedures with no errors yet when I transfer to the router and try to start openvpn I get an error ca.crt invalid. I have done this with easyrsa ver2 with no issues yet with easyrsa ver3 it does not work. Please assist with generating certs that will work on my EdgeRouter.

TinCanTech · Post by **TinCanTech** » Thu Jan 23, 2020 11:22 am

And what error is shown in the log file ?

jarmar · Post by **jarmar** » Thu Jan 23, 2020 5:12 pm

The only messge is "Invalid ca.crt file". Lack of any resolution on this I found instructions to install easy-rsa on CentOS8. I created a new virtual machine, installed openvpn and easy-rsa then generated the certs. The process is the same as on Windows. Once complete i uploaded the certs onto my router and they worked. Not sure why the Windows version of easy-rsa does not work.

TinCanTech · Post by **TinCanTech** » Thu Jan 23, 2020 5:16 pm

Probably just a "Coffee / Pasta" error.

jarmar · Post by **jarmar** » Sat Jan 25, 2020 5:24 am

I am using WinSCP to copy the files between the PC and the Router. It works if I use Linux but not Windows.

TiTex · Post by **TiTex** » Sat Jan 25, 2020 3:16 pm

i think somebody else had this issue , and it was an windows line encoding issue
convert the file to LF (linux line ending ) from a terminal dos2unix yourfile , if you don't have this utility there are plenty of text editors that have this feature including Visual Code or notepad2-mod (https://xhmikosr.github.io/notepad2-mod/)
also make sure you copy the cert/key including the separators
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

OpenVPN Support Forum

ca.crt invalid

ca.crt invalid

Re: ca.crt invalid

Re: ca.crt invalid

Re: ca.crt invalid

Re: ca.crt invalid

Re: ca.crt invalid