2
OpenVPN gültiges Zertifkat fehler bei Prüfung
Hallo,
ich möchte OpenVPN nutzen um eine Verbindung zu meinen Server zu bekommen. Mit einen selbst signierten Zertifkat klappte das ohne Probleme. Nun habe ich mich für ein fremdsigniertes von Hosteurope entschieden und bekomme beim OpenVPN Verbindungsaufbau diese Fehlermeldungen.
Tue May 13 10:08:26 2014 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Enter Management Password:
Tue May 13 10:08:32 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:33 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:33 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:33 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue May 13 10:08:33 2014 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
Tue May 13 10:08:33 2014 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Tue May 13 10:08:33 2014 TLS Error: TLS object -> incoming plaintext read error
Tue May 13 10:08:33 2014 TLS Error: TLS handshake failed
Tue May 13 10:08:33 2014 SIGUSR1[soft,tls-error] received, process restarting
Tue May 13 10:08:35 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:35 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:35 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:35 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:36 2014 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
Tue May 13 10:08:36 2014 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Tue May 13 10:08:36 2014 TLS Error: TLS object -> incoming plaintext read error
Tue May 13 10:08:36 2014 TLS Error: TLS handshake failed
Tue May 13 10:08:36 2014 SIGUSR1[soft,tls-error] received, process restarting
Tue May 13 10:08:38 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:38 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:38 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:38 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:38 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 SIGTERM[hard,] received, process exiting
Öffne ich das Zertifikat (die CRT Datei) sehe ich im Zertifizierungspfad, dass alles gültig ist. Also Windows kann die Gültigkeit verifizieren. Warum dann nicht der OpenVPN Client?
Danke für eure Hilfe,
mexx
ich möchte OpenVPN nutzen um eine Verbindung zu meinen Server zu bekommen. Mit einen selbst signierten Zertifkat klappte das ohne Probleme. Nun habe ich mich für ein fremdsigniertes von Hosteurope entschieden und bekomme beim OpenVPN Verbindungsaufbau diese Fehlermeldungen.
Tue May 13 10:08:26 2014 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Enter Management Password:
Tue May 13 10:08:32 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:33 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:33 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:33 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue May 13 10:08:33 2014 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
Tue May 13 10:08:33 2014 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Tue May 13 10:08:33 2014 TLS Error: TLS object -> incoming plaintext read error
Tue May 13 10:08:33 2014 TLS Error: TLS handshake failed
Tue May 13 10:08:33 2014 SIGUSR1[soft,tls-error] received, process restarting
Tue May 13 10:08:35 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:35 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:35 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:35 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:36 2014 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
Tue May 13 10:08:36 2014 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Tue May 13 10:08:36 2014 TLS Error: TLS object -> incoming plaintext read error
Tue May 13 10:08:36 2014 TLS Error: TLS handshake failed
Tue May 13 10:08:36 2014 SIGUSR1[soft,tls-error] received, process restarting
Tue May 13 10:08:38 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 13 10:08:38 2014 UDPv4 link local (bound): [undef]
Tue May 13 10:08:38 2014 UDPv4 link remote: [AF_INET]IP:1194
Tue May 13 10:08:38 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:38 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 TLS Error: Unroutable control packet received from [AF_INET]IP:1194 (si=3 op=P_CONTROL_V1)
Tue May 13 10:08:39 2014 SIGTERM[hard,] received, process exiting
Öffne ich das Zertifikat (die CRT Datei) sehe ich im Zertifizierungspfad, dass alles gültig ist. Also Windows kann die Gültigkeit verifizieren. Warum dann nicht der OpenVPN Client?
Danke für eure Hilfe,
mexx
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedinPlease also mark the comments that contributed to the solution of the article
Content-Key: 237913
Url: https://administrator.de/contentid/237913
Printed on: April 24, 2024 at 20:04 o'clock
2 Comments
Latest comment
Hi,
Das solltest Du noch mal genau prüfen.
Gruß orcape
Warum dann nicht der OpenVPN Client?
Wie hast Du das auf den Client kopiert ?TLS Error: TLS object -> incoming plaintext read error
...Du hast sicher einen Fehler beim kopieren gemacht.Das solltest Du noch mal genau prüfen.
Gruß orcape
Halt dich an das Tutorial hier für die Generierung der Zertifikate, dann klappt das auf Anhieb:
OpenVPN Server installieren auf pfSense Firewall, Mikrotik. DD-WRT oder GL.inet Router
OpenVPN Server installieren auf pfSense Firewall, Mikrotik. DD-WRT oder GL.inet Router
