cryptoapicert and perosnal store

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
awsiukie
OpenVpn Newbie
Posts: 1
Joined: Wed Jul 07, 2021 10:34 pm

cryptoapicert and perosnal store

Post by awsiukie » Wed Jul 07, 2021 10:52 pm

Hey!

openvpn connect windows 64 bit versions: 3.2.3

I just discovered that i can't use personal certificate store. All certs needs to be in dedicated OpenVPN cert store called: "OpenVPN Certificate Store". I'm using Microsoft Certificate Authority for certs autoenrollment where certs of the device or even a user are placed in the "personal" certificate store. It seems that config option "cryptoapicert" is ignored while importing the config and you need to pick up cert from drop down menu that is pulling certs from that "OpenVPN Certificate Store" cert store.

For version 3.3.1 is even worse. There is no drop down with my cert as in 3.2.3 version. Next to "certificate there is "none" and there is no even way to chose certificate except this PKCS12 which is empty after upgrate. It force me to upload cert from file?! If i use none then while trying to connect it warns me about "missing external certificate" and then it do not apply client certificate. Again its like cryptoapicert is completely ignored.

It looks like version 3.2.3 takes certs from dedicated store and in version 3.3.1 you need to explicit import it as 3.3.1 do not see any cert there. I guess thats a BUG.

1. is it possible to force it to work with "Personal" cert store?
2. how to force this thing to actually use this cryptoapicert option and windows cert store? Was it depricated?

marfr
OpenVpn Newbie
Posts: 1
Joined: Mon Apr 11, 2022 1:41 pm

Re: cryptoapicert and perosnal store

Post by marfr » Mon Apr 11, 2022 1:44 pm

Hi,

has anyone found a solution for this problem? Or any documentation how this works in detail?

Thanks

Post Reply