OpenVPN Support Forum

Hello all, I have openvpn server working on ubuntu for about 2 years and until now, we have'nt had any poblems with it.

When i create a new certificate using "./build-key john.doe", it works as expected, except that the certificate does'nt works on the client.

I've tested the certificate (on the server) with the next command:

openssl verify -CAfile ca.crt john.doe.crt

and the output is:

john.doe.crt: C = VE, ST = MI, L = Caracas, O =www www, CN = john.doe, name = John Doe, emailAddress = me@myhost.mydomain
error 20 at 0 depth lookup:unable to get local issuer certificate

That does'nt happens with olders crts.

Furthermore, I've tried this comand too:

openssl x509 -in john.doe.crt -noout -text | grep Issuer

and the output:

Issuer: C=VE, ST=MI, L=Caracas, O=www www, CN=fred.durst/name=Fred Durst/emailAddress=me@myhost.mydomain

But when I try the same command with other working crt, I get:

Issuer: C=VE, ST=MI, L=Caracas, O=Synergy Global Business, OU=Section, CN=SGBVPN/name=SGBVPN

So obviusly, something is going wrong when the crt is issued. Curiously, fred.durst.crt was the last working crt the server issued...

Any help to solve this? TIA