Page 1 of 1

Getting server certificate in the client

Posted: Fri Sep 22, 2023 3:45 pm
by Eugeny
Hello, hope you are doing well!
We recently had a case when openvpn infrastructure got down, and it appeared to be expired server certificate. I want clients to collect server certificate (in user mode) and report its expiration date through their channels. It is clearly that openvpn client receives server certificate when making the connection, but it does not cache this certificate anywhere. I have researched how I can do it from the command line

Code: Select all

openssl s_client -connect "xx.xx.xx.xx:xxxxx" -servername "server"
but it reports

Code: Select all

my openvpn -- server uses UDP.

Please advise how to get openvpn server certificate on the client machine. Thanks!