
Help please with OpenVPN client + certificates authorization

Posted: Sat May 24, 2014 10:33 pm
by avel
Hello. Came here to ask to solve my problem.
System: FreeBSD 9.2 x64, CentOS 6.5 x64, Ubuntu 14.04 x64 (tried all of them)
Client: Windows XP SP3 openvpn-install-2.3.4-I001-i686
SoftEther VPN Server 4.06 Build 9437

I am trying to authorise users without password, just by certificates (with OpenVPN client). Made CA certificate, installed to SoftEther, made certificate for client, added to .ovpn file and to SoftEther. But when I try to connect I always get an error:

Sun May 25 00:00:00 2014 us=15625 AUTH: Received control message: AUTH_FAILED
Sun May 25 00:00:00 2014 us=15625 TCP/UDP: Closing socket

Password auth works like a charm!

So maybe somebody figured that problem? Or how to make it work.

Russian speakers, can anyone who has got certificate authorization working with OpenVPN give me a hint? :) I have already tried everything ...

Logs in attachment. Some files that I can't attach:

Hub log:

2014-05-24 23:52:33.151 The connection "CID-7" (IP address: xxx_client, Host name: hosted-by.leaseweb.com, Port number: 60066, Client name: "OpenVPN Client", Version: 4.06, Build: 9437) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "".
2014-05-24 23:52:33.151 Connection "CID-7": User authentication failed. The user name that has been provided was "".

==============================

Open VPN config:

client
dev tun
proto udp

remote xxx
port 989

resolv-retry infinite
nobind

persist-key
persist-tun

verify-x509-name "xxx" name

auth SHA1
cipher AES-256-CBC
keysize 256


reneg-sec 36000
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
register-dns
route-method exe
route-delay 2

keepalive 10 120

verb 6

<ca>
-----BEGIN CERTIFICATE-----
MIIFpzCCA4+gAwIBAgIDAP/xMA0GCSqGSIb3DQEBCwUAMIGVMRYwFAYDVQQDEw0x
cut
rx51U9JW7TN+07Y=
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
MIIEozCCAougAwIBAgIEeJgAATANBgkqhkiG9w0BAQsFADCBlTEWMBQGA1UEAxMN
cut
KY6xwgHxG56o0XMjzoI86Tvmuabr1ObR6daEf9UHmbADLUR8EljP
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA5WJaxOCY0/8bGsQ+2AWvsL6OZqj4bbBdcxpdTops6nHB7mes
cut
Xwff5gp3+6+QnAmTE7nCcng7TaenNkgcngOlwLFeeUKH8NazsdAy
-----END RSA PRIVATE KEY-----
</key>

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sun May 25, 2014 12:02 pm
by avel
Made user with certificate authorization.
When trying to connect with SoftEther VPN Client all is ok:

The auth type provided is "Certificate authentication" and the user name is "xxx".

and authorization goes like it should with transfer of certificate

When trying to connect with OpenVPN Client auth fails:

The auth type provided is "External server authentication" and the user name is "".

So as you can see it is providing wrong auth type and no user name. (Even if I force to transfer user name - auth fails.)

Help please, where to dig? Maybe problem is in auth type? (some limit in source code?)

Re: Help please with OpenVPN client + certificates authoriza

Posted: Tue May 27, 2014 6:14 am
by avel
anybody?

Re: Help please with OpenVPN client + certificates authoriza

Posted: Thu May 29, 2014 8:23 am
by avel
thisjun, maybe you can help to solve my problem? Or have author contacts.. Please!

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sat May 31, 2014 7:39 am
by avel
dnobori, help please!!

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sat May 31, 2014 3:13 pm
by dnobori
The certificate authentication method is only available for SoftEther VPN Client.

SoftEther VPN Server supports only password authentication for the OpenVPN protocol.
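
A small triage script for the hub-log pattern diagnosed in this thread, added here as an example (it is not part of any poster's message and not SoftEther code). It parses the two hub-log line formats quoted in the first post and flags failed OpenVPN sessions that sent no user name; the CID-8 sample line is constructed, and the function and field names are this example's own.

```python
import re

# Hub-log "attempting to connect" line, in the format quoted in the first post.
ATTEMPT = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+) The connection "(?P<cid>[^"]+)" '
    r'\(.*?Client name: "(?P<client>[^"]*)".*?\) is attempting to connect to the '
    r'Virtual Hub\. The auth type provided is "(?P<auth>[^"]*)" '
    r'and the user name is "(?P<user>[^"]*)"\.'
)
FAILED = re.compile(r'Connection "(?P<cid>[^"]+)": User authentication failed\.')

def triage(lines):
    """Return one record per connection attempt, with its failure outcome attached."""
    sessions = {}
    for line in lines:
        m = ATTEMPT.search(line)
        if m:
            rec = m.groupdict()
            rec["failed"] = False
            rec["cert_auth_unsupported"] = False
            sessions[rec["cid"]] = rec
            continue
        m = FAILED.search(line)
        if m and m["cid"] in sessions:
            rec = sessions[m["cid"]]
            rec["failed"] = True
            # Signature seen in the thread: OpenVPN client, empty user name,
            # so the client certificate was never used to identify the user.
            rec["cert_auth_unsupported"] = (
                rec["client"] == "OpenVPN Client" and rec["user"] == "")
    return list(sessions.values())

# First two lines are copied from the thread; the CID-8 line is constructed.
SAMPLE_LOG = [
    '2014-05-24 23:52:33.151 The connection "CID-7" (IP address: xxx_client, Host name: hosted-by.leaseweb.com, Port number: 60066, Client name: "OpenVPN Client", Version: 4.06, Build: 9437) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "".',
    '2014-05-24 23:52:33.151 Connection "CID-7": User authentication failed. The user name that has been provided was "".',
    '2014-05-25 11:58:10.000 The connection "CID-8" (IP address: 192.0.2.10, Host name: client.example, Port number: 50000, Client name: "SoftEther VPN Client", Version: 4.06, Build: 9437) is attempting to connect to the Virtual Hub. The auth type provided is "Certificate authentication" and the user name is "xxx".',
]

if __name__ == "__main__":
    for r in triage(SAMPLE_LOG):
        note = "  <- OpenVPN client sent no user name" if r["cert_auth_unsupported"] else ""
        print(f'{r["ts"]} {r["cid"]} {r["client"]!r} auth={r["auth"]!r} '
              f'user={r["user"]!r} failed={r["failed"]}{note}')
```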

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sat May 31, 2014 3:16 pm
by avel
Do you plan to make this in feature?

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sun Jun 01, 2014 4:35 am
by dnobori
Yes we have a plan, but I suppose you can contribute it.

Re: Help please with OpenVPN client + certificates authoriza

Posted: Sun Jun 01, 2014 1:25 pm
by avel
How can I help if I am not a coder?
I can only help with translations etc. Or donations :)