[solved] Can't activate license key because https://licensing.openvpn.net uses a self signed certificate
Posted: Fri Mar 22, 2019 9:55 am
Hi guys. I've bought a license, but I'm unable to activate. The error in the web admin interface:
The certificate I'm using for the VPN is valid. It accepts everything, people can connect, it's working like a charm. It's just the SSL connection/verification to the OpenVPN licensing server which refuses to work. It's not the firewall, because there's no outgoing rules whatsoever.
Command line:
gives:
Which makes perfect sense, because when you browse to https://licensing.openvpn.net it throws a warning, saying that certificate is self-signed. Sure, I can activate offline, but why does that public facing webserver leverage an invalid self-signed certificate?
Code: Select all
Error: LicenseActivate: <Fault 9000: "OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]">
Error: <bound method AdminLicensing.chain_get_license_info of <pyovpn.admin.licconf.AdminLicensing object at 0x7fefe36263d0>>: ('Could not adapt', '', <InterfaceClass nevow.inevow.ISession>)Command line:
Code: Select all
/usr/local/openvpn_as/scripts/liman activate "MY-KEY-HERE"Code: Select all
OpenSSL web ciphersuites: DEFAULT:!EXP:!PSK:!SRP:!LOW:!RC4
OpenSSL Error: <depth=1 err=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain subj=<X509Name object '/CN=OpenVPN Licensing'>>
ERROR: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')] (OpenSSL.SSL.Error)Which makes perfect sense, because when you browse to https://licensing.openvpn.net it throws a warning, saying that certificate is self-signed. Sure, I can activate offline, but why does that public facing webserver leverage an invalid self-signed certificate?