Page 1 of 1

OVPN:require client certificate not working anymore [SOLVED]

Posted: Fri Mar 21, 2014 2:51 pm
by CPromper
Hello,

I've updated from v6.10 to v6.11 and the OVPN option "require client certificate" doesn't work anymore!

If I remove the option I can login again with OpenVPN client on iPhone.

But with this option set I can't login (in 6.10 it worked).

Can anyone confirm it?

Best regards

Carsten

Re: OVPN: require client certificate not working anymore

Posted: Fri Mar 21, 2014 2:56 pm
by mrz
Is client certificate from the same CA chain?

Re: OVPN: require client certificate not working anymore

Posted: Fri Mar 21, 2014 4:43 pm
by revizor
Confirming, after updating to 6,11 i have the same problem.

Re: OVPN: require client certificate not working anymore

Posted: Fri Mar 21, 2014 11:19 pm
by elgrandiegote
I have exactly the same problem
Downgrade to 6.10

Re: OVPN: require client certificate not working anymore

Posted: Sat Mar 22, 2014 5:54 pm
by bramfm
Same problem here..... :(

Re: OVPN: require client certificate not working anymore

Posted: Sat Mar 22, 2014 8:33 pm
by yozz
yes.. problems is it.

Re: OVPN: require client certificate not working anymore

Posted: Mon Mar 24, 2014 6:09 pm
by CPromper
Hello mrz,

yes, I only have one CA installed, and the client certificate is signed by this CA.

Downgraded to 6.10 and it works again.

I have seen that there was an issue with the client certificate option (that I did not have)
because the changelog of 6.11 says:
*) ovpn - fixed require-client-certificate

Regards

Carsten

Re: OVPN: require client certificate not working anymore

Posted: Mon Mar 24, 2014 8:46 pm
by patrickmkt
Same problem for me.
I have CA and intermediate CA with LT status in ROS.

Re: OVPN: require client certificate not working anymore

Posted: Thu Mar 27, 2014 3:38 pm
by emuell
i can also confirm that since v6.11 "require-client-certificate" option does not work anymore!

Re: OVPN: require client certificate not working anymore

Posted: Thu Mar 27, 2014 4:22 pm
by mrz
Will be fixed in next version. It is related to CRL.

Re: OVPN: require client certificate not working anymore

Posted: Wed Apr 02, 2014 3:14 pm
by fievel
When is planned the next version ?

Re: OVPN: require client certificate not working anymore

Posted: Wed Apr 16, 2014 1:06 pm
by CPromper
Hi folks,

today I upgraded to version 6.12 and openvpn didn't work.

The flags of the CA and the router certificate after updating was only a big "T"

After I deleted the certificates (CA and signed certificate for router) and imported them again everythings works as expected. <== (I didn't do this step in 6.11, maybe it works also here???)

The flags are: for CA = "AT" and for the router cert = "KT"

So, the option "Require Client Certificate" in version 6.12 works.

Best regards