Hello all, I have openvpn server working on ubuntu for about 2 years and until now, we have'nt had any poblems with it.
When i create a new certificate using "./build-key john.doe", it works as expected, except that the certificate does'nt works on the client.
I've tested the certificate (on the server) with the next command:
openssl verify -CAfile ca.crt john.doe.crt
and the output is:
john.doe.crt: C = VE, ST = MI, L = Caracas, O =www www, CN = john.doe, name = John Doe, emailAddress = me@myhost.mydomain
error 20 at 0 depth lookup:unable to get local issuer certificate
That does'nt happens with olders crts.
Furthermore, I've tried this comand too:
openssl x509 -in john.doe.crt -noout -text | grep Issuer
and the output:
Issuer: C=VE, ST=MI, L=Caracas, O=www www, CN=fred.durst/name=Fred Durst/emailAddress=me@myhost.mydomain
But when I try the same command with other working crt, I get:
Issuer: C=VE, ST=MI, L=Caracas, O=Synergy Global Business, OU=Section, CN=SGBVPN/name=SGBVPN
So obviusly, something is going wrong when the crt is issued. Curiously, fred.durst.crt was the last working crt the server issued...
Any help to solve this? TIA
Wrong Issuer generating crt
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech