Expired Certificate and TLS Error Unable to connect with Server

Scripts to manage certificates or generate config files
Post Reply
mgvranicarjr
OpenVpn Newbie
Posts: 1
Joined: Tue Nov 10, 2020 10:06 pm

Expired Certificate and TLS Error Unable to connect with Server

Post by mgvranicarjr » Tue Nov 10, 2020 10:53 pm

Hello all,

Apologies in advance as I do not really know my way around the technology or the correct terminology.

I currently use OpenVPN at my office for 9 different users and about 15 total devices, all who use this to remotely access our server and share drive to allow them to work from home and save and share documents. Ever since Monday, everyone who tries to log in to their VPN gets the same certificate has expired and TLS error message.

(I have a screenshot but it wont load so the Certificate expired shows it as an OpenSSL error 1416F086: SSSL routines: tls_process_server_certificate: certificate verify failed)

Most of these accounts were made in the last few months with the first one being made about a year ago but the OpenVPN account is relatively new as we first installed it in our office about a year ago. We do have access to our server when at the office, and I tried to self-diagnose through similar experiences on here but am unable to figure out how to resolve this issue. If anyone has any idea how to resolve this or go about it, please let me know as that would be very greatly appreciated. Thank you!

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 8968
Joined: Fri Jun 03, 2016 1:17 pm

Re: Expired Certificate and TLS Error Unable to connect with Server

Post by TinCanTech » Tue Nov 10, 2020 11:39 pm

You need a new certificate.

300000
OpenVPN Expert
Posts: 510
Joined: Tue May 01, 2012 9:30 pm

Re: Expired Certificate and TLS Error Unable to connect with Server

Post by 300000 » Wed Nov 11, 2020 6:48 pm

who is setting up CA for your company ? if that paid setting up so that person try to rip of from you to make certificate very short time . one year maybe nomal when you create CA it should last 10 years not one year as your client.

there is no way to make it work , you need to create certicate again or turn of certificate and use static key on both server and client., whatever way you use it need to be charge client too so there are a lot job for you to deal with.

Post Reply