Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

OpenVPN server denying connections incorrectly?
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
The_Great_Sephiroth
Veteran
Veteran


Joined: 03 Oct 2014
Posts: 1523
Location: Fayetteville, NC, USA
PostPosted: Thu Sep 10, 2020 11:13 pm    Post subject: OpenVPN server denying connections incorrectly? Reply with quote
I am running an OpenVPN server and suddenly it is denying connections, claiming that the certificate has expired when they are good through 2023. I verified my certificates were valid on both the client and server using openssl x509 -in whatever.crt -dates -noout and everything is valid. Heck, the CA is good through 2030! When I try connecting however, I get this.
Code:

20200910 16:09:13 174.193.12.137:2721 TLS: Initial packet from [AF_INET]174.193.12.137:2721 sid=70e0b565 24b7f0d1
20200910 16:09:14 N 174.193.12.137:2721 VERIFY ERROR: depth=0 error=CRL has expired: C=US ST=North Carolina L=Fayetteville O=Hidden Company OU=Remote Users CN=Hidden Name emailAddress=hidden.name@gmail.com
20200910 16:09:14 N 174.193.12.137:2721 OpenSSL: error:1417C086:lib(20):func(380):reason(134)
20200910 16:09:14 N 174.193.12.137:2721 TLS_ERROR: BIO read tls_read_plaintext error
20200910 16:09:14 174.193.12.137:2721 NOTE: --mute triggered...
20200910 16:09:14 174.193.12.137:2721 2 variation(s) on previous 3 message(s) suppressed by --mute
20200910 16:09:14 174.193.12.137:2721 SIGUSR1[soft tls-error] received client-instance restarting
20200910 16:09:56 174.193.12.137:2726 TLS: Initial packet from [AF_INET]174.193.12.137:2726 sid=5cfe5ac6 65c6c4f0
20200910 16:09:56 N 174.193.12.137:2726 VERIFY ERROR: depth=0 error=CRL has expired: C=US ST=North Carolina L=Fayetteville O=Hidden Company OU=Remote Users CN=Hidden Name emailAddress=hidden.name@gmail.com
20200910 16:09:56 N 174.193.12.137:2726 OpenSSL: error:1417C086:lib(20):func(380):reason(134)
20200910 16:09:56 N 174.193.12.137:2726 TLS_ERROR: BIO read tls_read_plaintext error

What is going on? The date and time on both the OpenVPN server AND the clients (my laptop and my Galaxy Note 9) are correct.

*EDIT*

My God, I can be a dunce sometimes. I was troubleshooting this in a hurry. I just realized that the CRL expired. Why? No clue. Either way I just have to generate a new one and upload it to the server. Sorry for the trouble. Nothing to see here...
_________________
Ever picture systemd as what runs "The Borg"?
Back to top
View user's profile Send private message
Banana
l33t
l33t


Joined: 21 May 2004
Posts: 746
Location: Germany
PostPosted: Fri Sep 11, 2020 9:09 am    Post subject: Reply with quote
Happens. Thx for writing the solution.
_________________
My personal space
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2021 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy