(SOLVED) Cannot load CA certificate file /etc/ssl/certs/ca-certificates.crt

[keong_racun]

I have an OpenVPN on my server with many client connected, but now all my clients are disconnected and when I check in my server I get an error like text below

Jun 08 09:28:52 vpn-iot systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Jun 08 09:28:52 vpn-iot openvpn [162536]: AUTH-PAM: BACKGROUND: INIT service='openvpn'
Jun 08 09:28:52 vpn-iot systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Jun 08 09:28:52 vpn-iot openvpn [162535]: PLUGIN_INIT: POST /usr/lib/aarch64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so '[/usr/lib/aarch
Jun 08 09:28:52 vpn-iot openvpn [162535]: Diffie-Hellman initialized with 2048 bit key
Jun 08 09:28:52 vpn-iot openvpn [162535]: Cannot load CA certificate file /etc/ssl/certs/ca-certificates.crt (entry 119 did not validate)
Jun 08 09:28:52 vpn-iot openvpn [162535]: Cannot load CA certificate file /etc/ssl/certs/ca-certificates.crt (only 136 of 137 entries were valid
Jun 08 09:28:52 vpn-iot openvpn [162535]: Exiting due to fatal error
Jun 08 09:28:52 vpn-iot openvpn[162536]: AUTH-PAM: BACKGROUND: received command code: 1
Jun 08 09:28:52 vpn-iot openvpn[162536]: AUTH-PAM: BACKGROUND: EXIT

Any idea? Thank you in advance

[rondeaut]

Apologies if this is unhelpful but I would say the issue is the following:

Code: Select all

Jun 08 09:28:52 vpn-iot openvpn [162535]: Cannot load CA certificate file /etc/ssl/certs/ca-certificates.crt (entry 119 did not validate)

Is there something you can do to validate /etc/ssl/certs/ca-certificates.crt? I'm not sure how to do that myself, but that would seem to be the logical next step.