Page 1 of 1

OVPN and certificates.

Posted: Tue Jul 22, 2014 8:56 pm
by patrickmkt
Since around ROS 6.5 or 6.6 I can't connect anymore to ROS OVPN server with certificates.
It does work if I uncheck the Require Client Certificate on the OVPN server tab, but I got a TLS failure log entry if it's checked. It was working before with the certificates.

There were a lot of certificates bugs on ROS around that time and I didn't really explored more as the OVPN was a backup access for me. Today I got a little time and tried to investigate on ROS 6.17.

I updated my certs, checked that the whole chain is correct and still the same problem.
What's funny is that I'm using the same pair of certs for the SSTP connection that does work.

Is there a different way to handle certificates for the SSTP and OVPN server in ROS? Any key length/crypto that works in one and not the other? Any different mechanism to check the validity of the cert?

Re: OVPN and certificates.

Posted: Wed Nov 05, 2014 5:32 pm
by patrickmkt
ROS 6.21.1 certificate and CRL handling corrections seem to have fixed my problem with the TLS error. :)