Menu
What's new
By:
Filters Better Search

[Solved] Certificate error in Openvpn (was previously working)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

cowst

Senior Member
Hi,
I recently formatted jffs and enabled scripts, and since then my previously working openvpn connection now fails to connect with the following:

VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-N66U, emailAddress=me@myhost.mydomain

any known reason for this (I remember in the past there were some warning in FW updates meddling with jffs)?
 
Formatting jffs causes new key/certs to be generated.

Sent from my Nexus 5X using Tapatalk
 
So I remembered correctly.
But now, how do I make the openvpn server use the new ones and the client configuration match them as well?
Before it was all out of the box.

Thanks
 
cowst said:
So I remembered correctly.
But now, how do I make the openvpn server use the new ones and the client configuration match them as well?
Before it was all out of the box.

Thanks
Click to expand...

Re-export fresh .ovpn config files to each client from the General setting tab on the Openvpn Server webui page? (Would the Openvpn server not automatically use them in that (jffs) location?)
 
Last edited:
martinr said:
Re-export fresh .ovpn config files to each client from the General setting tab on the Openvpn Server webui page? (Would the Openvpn server not automatically use them in that (jffs) location?)
Click to expand...
I changed subnet, so everything should be generated anew.
Then I restarted the server (you never know), exported the client1.ovpn and sent to an old working client and a brand new phone.
Both have same cert issue.

Sent from my SM-G920F using Tapatalk
 
When I ran into something similar I bit the bullet and restored to factory default settings, manually reconfigured and then re-started the Openvpn server for the first time, as it were, which regenerates the keys and certs, and then re-exported the client .ovpn config files. However, I know you are more clued up than I, so you'll probably find an easier way.
 
That would be my very last weapon, I would regenerate certificates myself somehow (I'd have to figure the appropriate way).
However, I hope merlin has a simpler advice.
 
cowst said:
That would be my very last weapon, I would regenerate certificates myself somehow (I'd have to figure the appropriate way).
However, I hope merlin has a simpler advice.
Click to expand...

Just make sure you export the updated ovpn config to your clients, so they will match the existing router certs.
 
RMerlin said:
Just make sure you export the updated ovpn config to your clients, so they will match the existing router certs.
Click to expand...
That was the first thing I checked.
I'll search again the file by name in each device and delete it before exporting again.
No room for mistake.

So I understand that it should still work out of the box after the jffs format.

Sent from my SM-G920F using Tapatalk
 
I feel stupid.
wiping all client1.ovpn everywhere, changing a openvpn server setting, restarting, importing again in the new phone, it worked :)
 
You must log in or register to reply here.

Similar threads

T
[Help] Problems setting up OpenVPN
Replies
7
Views
319
Thookie
T
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
791
nino_070
N
R
Solved At Wits End. OpenVPN Certificate Connection issue with Asus Router
Replies
4
Views
2K
Clark Griswald
Clark Griswald
Wishmaster1965
Solved OpenVPN Server Issue
Replies
5
Views
961
Wishmaster1965
Wishmaster1965
I
One OpenVPN server and two clients with certificates
Replies
0
Views
842
Igor
I
Similar threads
Thread starter Title Forum Replies Date
T [Solved]Configure Policy based routing for transparent proxy Asuswrt-Merlin 6
W [Solved] RT-AX88U jffs/ubi brain mix Asuswrt-Merlin 26
S [Solved] GT-AX6000 - Temperature not showing Asuswrt-Merlin 4
N (Solved - Bad router) RT-AX88U node causes network instability (3004.388.7) Asuswrt-Merlin 2
B (solved) Dnscrypt blocked-names.txt automatically deleted upon modification Asuswrt-Merlin 4
G Miracast problems solved by router reboot -RT-AC86U 386.12_4 Asuswrt-Merlin 0
W Solved Solved (for me): WiFi issues and/or crashes with Merlin on RT-AC86U Asuswrt-Merlin 1
N HTTPS/SSL Certificate issue when using WWW.NAMECHEAP.COM in DDNS Asuswrt-Merlin 4
M DuckDNS DDNS with Let's Encrypt certificate Asuswrt-Merlin 1
M Importing own certificate broken on 3004.388.6 ? Asuswrt-Merlin 9

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 570 (members: 21, guests: 549)
Top