Let's Encrypt works with OpenVPN Connect, but not Tunnelblick nor OpenVPN command line

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
alfredballe
OpenVpn Newbie
Posts: 14
Joined: Thu Jul 25, 2019 7:14 pm

Let's Encrypt works with OpenVPN Connect, but not Tunnelblick nor OpenVPN command line

Post by alfredballe » Wed Sep 11, 2019 8:56 am

I'm running the following configuration on openvpn server (open source):

Code: Select all

port 443

proto tcp

dev tun

ca /etc/letsencrypt/live/easy-vpn.com/chain.pem
cert /etc/letsencrypt/live/easy-vpn.com/fullchain.pem
key /etc/letsencrypt/live/easy-vpn.com/privkey.pem

dh /home/alfredballe/dh2048.pem

server 10.8.0.0 255.255.255.0

topology subnet

ifconfig-pool-persist ipp.txt

push "topology subnet"
ifconfig 10.8.0.1 255.255.255.0
push "route-gateway 10.8.0.1"

keepalive 10 120

persist-key
persist-tun

status openvpn-status.log

verb 5

verify-client-cert none
username-as-common-name

script-security 3
auth-user-pass-verify /etc/openvpn/auth-user-pass-verify.py via-env
client-connect /etc/openvpn/client-connect.py
This works well with OpenVPN Connect client, but fails with OpenVPN command line and Tunnelblick.

Both clients that fails gives error similar to:

Code: Select all

Wed Sep 11 10:50:29 2019 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Wed Sep 11 10:50:29 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Sep 11 10:50:29 2019 TLS_ERROR: BIO read tls_read_plaintext error
Wed Sep 11 10:50:29 2019 TLS Error: TLS object -> incoming plaintext read error
Wed Sep 11 10:50:29 2019 TLS Error: TLS handshake failed
[code]

alfredballe
OpenVpn Newbie
Posts: 14
Joined: Thu Jul 25, 2019 7:14 pm

Re: Let's Encrypt works with OpenVPN Connect, but not Tunnelblick nor OpenVPN command line

Post by alfredballe » Fri Oct 04, 2019 9:03 am

No ideas or suggestions?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6218
Joined: Fri Jun 03, 2016 1:17 pm

Re: Let's Encrypt works with OpenVPN Connect, but not Tunnelblick nor OpenVPN command line

Post by TinCanTech » Fri Oct 04, 2019 12:35 pm

We don't support letsencrypt here.

Post Reply