VPN broken after upgrade

Tagged: openvpn vpn tls cert

This topic has 1 reply, 2 voices, and was last updated 3 years, 10 months ago by fulvio.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
March 12, 2018 at 11:53 am #63810

IT Starlab
Participant

We updated Zeroshell to Release 3.8.2 and now the VPN clients cannot connect, none of them.

I’ve recreated all PEM, keys and everything on a couple of servers for testing and both come with the same error:
Certificate does not have key usage extension
VERIFY KU ERROR
OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
Fatal TLS error (check_tls_errors_co), restarting
SIGUSR1[soft,tls-error] received, process restarting

What should I do to fix this? Server currently has openvpn 2.4.4 and the servers 2.4.0; this was working fine before and we just updated the firewall..

Thanks.

March 12, 2018 at 9:04 pm #63813

fulvio
Keymaster

Hi,

you should enable the Certification authorities that sign the certificates of the users authorized to access the VPN by pressing the Authentication button on X.509 Configuraton in the VPN Page.

Regards
Fulvio
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.