When I try to connect an OpenVPN client to a SoftEther server, I get the following error:
Wed Jul 08 21:46:16 2020 TLS: Initial packet from [AF_INET]52.214.19.54:1194, sid=b97b9a2f a09ff915
Wed Jul 08 21:46:16 2020 VERIFY ERROR: depth=0, error=self signed certificate: CN=ec2-52-214-19-54.eu-west-1.compute.amazonaws.com, O=sbb2-vpn, OU=dev, C=IT, ST=MI, L=Milan
Wed Jul 08 21:46:16 2020 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 08 21:46:16 2020 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 08 21:46:16 2020 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 08 21:46:16 2020 TLS Error: TLS handshake failed
1- I have created the server certificate with the MakeCert command of SoftEther vpncmd utility, specifying ec2-52-214-19-54.eu-west-1.compute.amazonaws.com as the Common Name.
2- I edited the vpn_server.config file, replacing the ServerCert and ServerKey values with the ones from the certificate generated at step 1 (removing all newlines and blank characters).
3- I have created my OpenVPN config file like this:
client
dev tun
proto udp
remote ec2-52-214-19-54.eu-west-1.compute.amazonaws.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-128-CBC
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
....
....
-----END RSA PRIVATE KEY-----
</key>
reneg-sec 0

I have created a user for the DEFAULT Virtual Hub, and I have set a certificate for it. I have copied the same certificate and private key into the <cert> and <key> sections of the .ovpn config file, in order to enable mutual authentication.
But this certificate is self-signed
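
A check for the setup described above, added here as an example and not part of the original post: a self-signed server certificate passes OpenVPN's depth=0 verification only when that exact certificate is in the client's trust set, so this compares the profile's inline <ca> block with the server certificate. The function names and placeholder certificate bytes are constructed; the server certificate may be given as PEM or as the single-line base64 value described in step 2.

```python
import base64
import hashlib
import re

PEM_CERT = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)
INLINE = re.compile(r"<(ca|cert)>(.*?)</\1>", re.S)


def fingerprints(text):
    """SHA-256 of each certificate in `text` (PEM blocks, or one bare base64 string)."""
    bodies = PEM_CERT.findall(text) or [text]
    return [hashlib.sha256(base64.b64decode("".join(b.split()))).hexdigest()
            for b in bodies]


def check_profile(ovpn_text, server_cert):
    """Compare the profile's inline <ca>/<cert> blocks with the server certificate."""
    blocks = {tag: fingerprints(body) for tag, body in INLINE.findall(ovpn_text)}
    ca, client = blocks.get("ca", []), blocks.get("cert", [])
    (server_fp,) = fingerprints(server_cert)  # exactly one server certificate expected
    return {
        # False here reproduces "VERIFY ERROR: depth=0, error=self signed certificate"
        "server_cert_in_ca": server_fp in ca,
        # True means the client's own certificate was pasted into <ca>
        "client_cert_in_ca": any(fp in ca for fp in client),
    }


def pem(der):
    """Wrap bytes in PEM armor (helper for the constructed samples below)."""
    return ("-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n"
            % base64.b64encode(der).decode())


# Constructed placeholders, not real certificates: only byte equality matters here.
SERVER_DER = b"constructed placeholder: server certificate bytes"
CLIENT_DER = b"constructed placeholder: client certificate bytes"
SERVER_B64 = base64.b64encode(SERVER_DER).decode()  # single-line form, as in step 2


def profile(ca_der):
    """Constructed minimal .ovpn text with inline <ca> and <cert> blocks."""
    return ("client\nremote-cert-tls server\n<ca>\n%s</ca>\n<cert>\n%s</cert>\n"
            % (pem(ca_der), pem(CLIENT_DER)))


if __name__ == "__main__":
    print(check_profile(profile(CLIENT_DER), SERVER_B64))       # server cert not trusted
    print(check_profile(profile(SERVER_DER), pem(SERVER_DER)))  # server cert pinned in <ca>
```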