[ale] OpenVPN test
Chris Fowler
cfowler at outpostsentinel.com
Wed Aug 25 20:19:41 EDT 2010
I'm testing OpenVPN and I'm having some issues with the client verifying
the certificate
Wed Aug 25 20:16:58 2010 TCP connection established with
[AF_INET]192.168.1.101:1194
Wed Aug 25 20:16:58 2010 TCPv4_CLIENT link local: [undef]
Wed Aug 25 20:16:58 2010 TCPv4_CLIENT link remote:
[AF_INET]192.168.1.101:1194
Wed Aug 25 20:16:59 2010 VERIFY ERROR: could not extract Common Name
from X509 subject string ('') -- note that the Common Name length is
limited to 64 characters
Wed Aug 25 20:16:59 2010 TLS_ERROR: BIO read tls_read_plaintext error:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
Wed Aug 25 20:16:59 2010 TLS Error: TLS object -> incoming plaintext
read error
Wed Aug 25 20:16:59 2010 TLS Error: TLS handshake failed
Wed Aug 25 20:16:59 2010 Fatal TLS error (check_tls_errors_co),
restarting
Here is the certificate text:
Data:
Version: 1 (0x0)
Serial Number: 1048578 (0x100002)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Georgia, L=Alpharetta, O=OutPost Sentinel LLC,
OU=Support, CN=vts.opsdc.com/emailAddress=support at opsdc.com
Validity
Not Before: Aug 26 00:05:42 2010 GMT
Not After : Aug 23 00:05:42 2020 GMT
Subject:
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Apparently the CN info is not put into the Subject on the certificate.
I'm generating these using the easyrsa/1.0 scripts in the openvpn source
directory.
Any ideas?
More information about the Ale
mailing list