Certificate verify failed

Hell · Post by **Hell** » Wed Dec 08, 2021 8:34 pm

Hello everyone,

I'm trying to get OpenVPN to work on my iPhone 11 but I'm facing this issue :
https://zupimages.net/viewer.php?id=21/49/07ld.jpg

I specify that I connected in SSH and in "root" on the console of my synology and that I can see the packets arrived during my connection attempt. I get this before I get the error message :
https://zupimages.net/viewer.php?id=21/49/g06s.jpg

Someone can help me ?

Thank you

This message is translated from google translate

TinCanTech · Post by **TinCanTech** » Wed Dec 08, 2021 8:39 pm

Please start here: viewtopic.php?f=30&t=22603#p68963

Hell · Post by **Hell** » Wed Dec 08, 2021 9:18 pm

Ok sorry.

* Serveur *

My server configuration file :
Managed by my synology NAS

My server log file :
I don't think I have one, because it is managed by my synology NAS

* Client *

iOS 14.3 (18C66)

My client log file :

Code: Select all

2021-12-08 22:03:01 1

2021-12-08 22:03:01 ----- OpenVPN Start -----
OpenVPN core 3.git::58b92569 ios arm64 64-bit

2021-12-08 22:03:01 OpenVPN core 3.git::58b92569 ios arm64 64-bit

2021-12-08 22:03:01 Frame=512/2048/512 mssfix-ctrl=1250

2021-12-08 22:03:01 UNUSED OPTIONS
1 [tls-client]
3 [pull]
5 [script-security] [2]

2021-12-08 22:03:01 EVENT: RESOLVE

2021-12-08 22:03:01 Contacting [xxxx]:1194/UDP via UDP

2021-12-08 22:03:01 EVENT: WAIT

2021-12-08 22:03:01 Connecting to [xxxx]:1194 (xxxx) via UDPv4

2021-12-08 22:03:01 EVENT: CONNECTING

2021-12-08 22:03:01 Tunnel Options:V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client

2021-12-08 22:03:01 Creds: Username/Password

2021-12-08 22:03:01 Peer Info:
IV_VER=3.git::58b92569
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_GUI_VER=net.openvpn.connect.ios_3.2.3-3760
IV_SSO=openurl


2021-12-08 22:03:01 VERIFY FAIL: depth=2, /C=US/O=Internet Security Research Group/CN=ISRG Root X1 [unable to get issuer certificate]

2021-12-08 22:03:01 Transport Error: OpenSSLContext::SSL::read_cleartext: BIO_read failed, cap=2576 status=-1: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

2021-12-08 22:03:01 EVENT: CERT_VERIFY_FAIL OpenSSLContext::SSL::read_cleartext: BIO_read failed, cap=2576 status=-1: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [ERR]

2021-12-08 22:03:01 Raw stats on disconnect:
BYTES_IN : 4800
BYTES_OUT : 383
PACKETS_IN : 6
PACKETS_OUT : 5
SSL_ERROR : 1

2021-12-08 22:03:01 Performance stats on disconnect:
CPU usage (microseconds): 52475
Network bytes per CPU second: 98770
Tunnel bytes per CPU second: 0

2021-12-08 22:03:01 EVENT: DISCONNECTED

2021-12-08 22:03:01 Raw stats on disconnect:
BYTES_IN : 4800
BYTES_OUT : 383
PACKETS_IN : 6
PACKETS_OUT : 5
SSL_ERROR : 1
CERT_VERIFY_FAIL : 1

2021-12-08 22:03:01 Performance stats on disconnect:
CPU usage (microseconds): 63104
Network bytes per CPU second: 82134
Tunnel bytes per CPU second: 0

My client configuration file :

client

1

dev tun

2

tls-client

3

remote xxxx 1194

4

pull

5

proto udp

6

script-security 2

7

reneg-sec 0

8

cipher AES-256-CBC

9

auth SHA512

10

auth-user-pass

11

<ca>

12

--STRIPPED INLINE CA CERT--

Tell me if need more information or if I'm on the wrong track.

Thank you for your help.

This message is translated from google translate.

TinCanTech · Post by **TinCanTech** » Wed Dec 08, 2021 9:39 pm

Hell wrote: ↑
Wed Dec 08, 2021 9:18 pm
My server log file :
I don't think I have one, because it is managed by my synology NAS

No log, no eye-deer.

Look again ..

OpenVPN Support Forum

Certificate verify failed

Certificate verify failed

Re: Certificate verify failed

Re: Certificate verify failed

Re: Certificate verify failed