connect error: Missing External PKI alias

Post Reply
tiendungitd
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 10, 2019 6:40 am

connect error: Missing External PKI alias

Post by tiendungitd » Tue Dec 10, 2019 6:42 am

I just setup a openvpn server version 2.4.4, it work well with Openvpn client in Windows and Android, but error in Mac OS.

Code: Select all

Tue Dec 10 10:50:31 2019 OMI Connecting to /Library/Application Support/OpenVPN/sock/ovpn-KTMpKfLsCR5a.sock [unix]
Tue Dec 10 10:50:35 2019 CLIENT_EXCEPTION : connect error: Missing External PKI alias [FATAL-ERR]
Tue Dec 10 10:50:35 2019 >FATAL:CLIENT_EXCEPTION: connect error: Missing External PKI alias
I'm testing in MacOS version 10.4.4 and Openvpn client 2.7.1.100. Below is client.ovpn

Code: Select all

client
dev tun
proto tcp-client
remote vpn01 9443
resolv-retry infinite
cipher AES-256-CBC
redirect-gateway

# Keys
# Identity
key-direction 1
remote-cert-tls server
auth-user-pass
auth-nocache

# Security
nobind
persist-key
persist-tun
comp-lzo
verb 3

# Proxy ?
# http-proxy cache.univ.fr 3128
<ca>
-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIUdu/viXgfwhA+wu0K49vvnXaCyFkwDQYJKoZIhvcNAQEL
BQAwHDEaMBgGA1UEAwwRdnBuMDEuaG9tZWNjYS5jb20wHhcNMTkxMjA5MTA1NTQ5
Any ideas or what might causing this issue?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6686
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect error: Missing External PKI alias

Post by TinCanTech » Tue Dec 10, 2019 1:32 pm

For MAC OS use TunnelBlick.

tiendungitd
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 10, 2019 6:40 am

Re: connect error: Missing External PKI alias

Post by tiendungitd » Fri Dec 13, 2019 3:38 am

TinCanTech wrote:
Tue Dec 10, 2019 1:32 pm
For MAC OS use TunnelBlick.
Thanks, it's worked well with TunnelBlick.
That kind of weird when OpenVPN client in Mac not work

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6686
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect error: Missing External PKI alias

Post by TinCanTech » Fri Dec 13, 2019 10:18 am

tiendungitd wrote:
Fri Dec 13, 2019 3:38 am
OpenVPN client in Mac not work
Exactly which client do you mean ?

ottosmo
OpenVpn Newbie
Posts: 1
Joined: Wed Feb 26, 2020 12:42 am

Re: connect error: Missing External PKI alias

Post by ottosmo » Wed Feb 26, 2020 12:43 am

Same behavior for me - TunnelBlick works, but the OpenVPN Connect 2.7.1.100 application for MacOS gives this "Missing External PKI Alias" error

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6686
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect error: Missing External PKI alias

Post by TinCanTech » Wed Feb 26, 2020 12:18 pm

According to the OP's client config file (and presumably yours if you get the same error)
the <ca> section is missing the </ca> closing monika and is also missing the TLS-AUTH key.

Post Reply