and I would like to move this server to the other machine. Their keys, ca, etc. files are stored in /etc/openvpn/2.0/keys..
Is it enough to just copy the /etc/openvpn along with all subdirs and launching the new server?
I did that, copied the entire /etc/openvpn directory, but it seems there is more to it. The VPN clients are unable to connect to the new server..
getting this in the (new) server logs (I edited some fields for privacy)..
Code: Select all
TLS: Initial packet from [AF_INET]19.62.15.11:56625, sid=f72da6b5 766548bb
VERIFY ERROR: depth=0, error=CRL signature failure: C=TR, ST=TR, L=Izmir, O=XXX, OU=XXX, CN=XXXXXX, name=XXXX, emailAddress=XXX@XXXXX, serial=3
OpenSSL: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed