Hi, On Fri, Apr 17, 2015 at 11:22:12AM -0400, Chris Ross wrote: > At this point, I now at least know what OpenSSL and crypto libraries my > openvpn binary is linked against and can speak more correctly about them.
Just for the record - we added code in 2.3.4 or so which will actually
tell you the openssl library version at startup :-) - helps clarify things.
> Apr 17 11:17:45 bifr?st openvpn[17201]: A.B.C.D:52232 VERIFY ERROR: depth=0,
> error=unsupported certificate purpose: C=US, ST=Maryland, O=Distal Thoughts,
> CN=client.outside.net
"unsupported certificate purpose" is definitely the cause for the error,
but I'm not sure where it's coming from - there are some flag fields in
a cert, for "server usage" and "not server usage", and this has bitten me
as well in the past. easy-rsa should get this right, though, as long as
you do create the server cert with "build-key-server" and the client cert
with "build-key"...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgptTK_3diryk.pgp
Description: PGP signature
------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
