can't connect to VPN Server
Posted: Tue Mar 15, 2016 12:04 am
VPN server starts good (it's another machine in my LAN). I exported all due client certificates (ca.crt ta.key client.crt and client.key)
When trying to connect this is what I get from the client:
Thank you!
When trying to connect this is what I get from the client:
I don't think I made mistake in the client certificate generation..and my client.ovpn is just fineTue Mar 15 00:40:27 2016 OpenVPN 2.3.10 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jan 4 2016
Tue Mar 15 00:40:27 2016 Windows version 6.1 (Windows 7)
Tue Mar 15 00:40:27 2016 library versions: OpenSSL 1.0.1q 3 Dec 2015, LZO 2.09
Enter Management Password:
Tue Mar 15 00:40:33 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Mar 15 00:40:33 2016 SIGUSR1[soft,private-key-password-failure] received, process restarting
Tue Mar 15 00:40:44 2016 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Mar 15 00:40:44 2016 UDPv4 link local: [undef]
Tue Mar 15 00:40:44 2016 UDPv4 link remote: [AF_INET]myremoteip:1196
Tue Mar 15 00:40:44 2016 VERIFY ERROR: depth=0, error=unsupported certificate purpose: CN=GW2-Server
Tue Mar 15 00:40:44 2016 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Tue Mar 15 00:40:44 2016 TLS Error: TLS object -> incoming plaintext read error
Tue Mar 15 00:40:44 2016 TLS Error: TLS handshake failed
Tue Mar 15 00:40:44 2016 SIGUSR1[soft,tls-error] received, process restarting
What could I try?client
proto udp
remote myremoteip
port 1196
dev tun
nobind
remote-cert-tls server
tls-auth ta.key 1
ca ca.crt
cert client.crt
key client.key
Thank you!
