Differences between revisions 1 and 6 (spanning 5 versions)
Revision 1 as of 2017-08-02 20:55:24
Size: 147
Editor: PieterSmit
Comment:
Revision 6 as of 2018-07-11 23:25:52
Size: 1201
Editor: PieterSmit
Comment:
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
= OpenVpn Notes and example =  = OpenVpn Notes and example =
Line 5: Line 5:
 * Using more than one CA, stacked in same file https://community.openvpn.net/openvpn/wiki/Using_Certificate_Chains
 * 2018 - Using PSK(pre-shared keys) only a point to point link can be established, for a server with multiple clients use CA and certs.
 * 2018 Python script to gen selfsigned certs and client certs [[https://gist.github.com/diepes/a7c3a53ed94c587803e20e6576ea4525#file-openvpn_gen-py]]
   * idea is to create them, thow away ca key, deploy config. When adding re-gen or [[https://community.openvpn.net/openvpn/wiki/Using_Certificate_Chains|stack server CA]]
== Errors ==
 * {{{ openvpn: VERIFY ERROR: depth=0, could not extract X509 subject string from certificate }}}
   * Caused by not adding a CN to the certificate when created.

 * {{{ openvpn[...]: TLS Error: Unroutable control packet received from [AF_INET] ... (si=3 op=P_CONTROL_V1) }}}
   * Add '''client''' to config in addition to tls-client to allow client to accept ip from server
   * remove '''topology''' mode setting from client.'
Line 8: Line 19:
----
CategoryVpnTunnel

OpenVpn Notes and example

Errors

  •  openvpn: VERIFY ERROR: depth=0, could not extract X509 subject string from certificate 

    • Caused by not adding a CN to the certificate when created.

  •  openvpn[...]: TLS Error: Unroutable control packet received from [AF_INET] ... (si=3 op=P_CONTROL_V1) 

    • Add client to config in addition to tls-client to allow client to accept ip from server

    • remove topology mode setting from client.'

...

CategoryVpnTunnel

OpenVpn (last edited 2019-01-09 21:33:08 by PieterSmit)