Bug 12565

Summary: Core 153: OpenVPN generated Certs are not RFC3280 compliant
Product: IPFire Reporter: Daniel Weismüller <daniel.weismueller>
Component: ---Assignee: Erik Kapfer <ummeegge>
Status: CLOSED DUPLICATE QA Contact:
Severity: Security    
Priority: - Unknown - CC: michael.tremer
Version: 2   
Hardware: all   
OS: Unspecified   

Description Daniel Weismüller 2021-01-20 09:43:03 UTC 
I have a few IPFire installations which are in use for a few years now.
So the OpenVPN Certs were outdated.

Despite deleting the x509 configuration and recreating the certificates, the message: "The host certificate is not RFC3280 compliant" remains.

A closer look shows me that the ovpn.cnf are still outdated although my IPFire ist updated to Core 153

6553889 -rw-r--r-- 1 nobody nobody 2.5K Jun 14  2016 /var/ipfire/ovpn/openssl/ovpn.cnf

After I changed the file to this one everything works for me now.
https://git.ipfire.org/?p=ipfire-2.x.git;a=blob_plain;f=config/ovpn/openssl/ovpn.cnf;hb=refs/heads/core123
Comment 1 Michael Tremer 2024-03-19 16:04:39 UTC 

*** This bug has been marked as a duplicate of bug 13634 ***