I have a problem with a configuration or I use an intermediate certificate.
But I have correctly followed the steps described here : https://community.openvpn.net/openvpn/w ... ate_Chains
- I have a root certificate : ca.crt
- I have a intermediary CA, signed by ca.crt : sub.crt
- I have a server certificate, signed by ca.crt : server.crt
- I have a client certificate, signed by sub.crt : client.crt
In my OpenVPN server config file :
ca ca.crt
cert server.crt
In my OpenVPN client config file :
ca ca.crt
cert chained.crt
chained.crt contains client.crt and sub.crt one after the other
But it does not work. Here is the error I get:
Code: Select all
TLS: Initial packet from [AF_INET]*****:38024, sid=58bf511f 056992ea
VERIFY ERROR: depth=1, error=invalid CA certificate: C=BE, ST=Brussels, O=MyOrganisation, CN=OpenVPN Clients, emailAddress=name@mydomain.org
TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
SIGUSR1[soft,tls-error] received, client-instance restarting
Thanks a lot,
Fabien