Intermediate CA certificate is not found when included in the <cert> tag of a unified .ovpn profile on OpenVPN Connect on Android.
Client certificate has been generated with intermediate CA certificate included, then added to the .ovpn file within the <cert> tag. The root CA certificate is included in the <ca> tag. This file configuration works for Windows clients connecting to the same server. However, Android clients time out, and the VPN server logs this error:
VERIFY ERROR: depth=0, error=unable to get local issuer certificate: CN=[Android client CN]
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
Moving the intermediate CA certificate from the end of the <cert> tag to the beginning of the <ca> tag in the same unified .ovpn profile allows the Android client to connect successfully.
Is this a bug? If so, how can I log a bug report? I tried logging a bug report with OpenVPN Support but they said it was only for the corporate solutions.
Intermediate CA certificate not found in unified profile - OpenVPN Connect Android
-
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Dec 28, 2022 3:44 am