hi . when install openvpn connect 1.1.14
https://play.google.com/store/apps/deta ... pn.openvpn
success to install in androiod . but when import profile and connect , when check cer by server openvpn client rejected and say
OpenVPN Server certificate verification failed: PolarSSL: SSL read error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
how to sloved a problem ?
OpenVPN Connect 1.1.14 problem with softether server
-
soheilsh
- Posts: 15
- Joined: Fri Mar 29, 2013 12:20 pm
-
dnobori
- Posts: 230
- Joined: Tue Mar 05, 2013 10:04 am
Re: OpenVPN Connect 1.1.14 problem with softether server
You have to put intermediate certificates and the root certificate on the "chain_certs" directory on your VPN Server program.
-
dnobori
- Posts: 230
- Joined: Tue Mar 05, 2013 10:04 am
Re: OpenVPN Connect 1.1.14 problem with softether server
We released SoftEther VPN 4.07 Build 9448 (June 6, 2014).
http://www.softether.org/5-download/history
The problem with OpenVPN Connect for Android 1.1.14 has been fixed. In the previous versions, OpenVPN Connect for Android 1.1.14 reports "PolarSSL Error" when it connects to the SoftEther VPN Server, if the server SSL certificate is self-signed root certificate. This X.509 certificate parsing problem is OpenVPN Connect's bug, however we performed work around for this OpenVPN Connect's bug. Please mind that you need to regenerate your self-signed root certificate in order to comply with OpenVPN Connect at once after upgrading the VPN Server to this version. To regenerate the certificate, use the GUI tool on VPN Server Manager, or execute the "ServerCertRegenerate" command on vpncmd.
The automated root certificate and intermediate certificates downloading function has been implemented. It is very helpful when you use a commercial certificate which has been issued by a commercial CA (Certificate Authority), including VeriSign, GlobalSign or RapidSSL. In previous versions, you had to install the root certificate and intermediate certificates manually into the "chain_certs" directory. On this version, you do not need any longer to do such a manual installation of chained certs.
The OpenVPN configuration file generating function identifies the root certificate correctly, in order to embed it as the "<ca>" inline directive in the auto-generated OpenVPN configuration file. It is very helpful if you are using a commercial certificate which has been issued by a commercial CA (Certificate Authority), including VeriSign, GlobalSign or RapidSSL. (In previous versions, you had to perform the editing task for the OpenVPN configuration file manually.)
http://www.softether.org/5-download/history
The problem with OpenVPN Connect for Android 1.1.14 has been fixed. In the previous versions, OpenVPN Connect for Android 1.1.14 reports "PolarSSL Error" when it connects to the SoftEther VPN Server, if the server SSL certificate is self-signed root certificate. This X.509 certificate parsing problem is OpenVPN Connect's bug, however we performed work around for this OpenVPN Connect's bug. Please mind that you need to regenerate your self-signed root certificate in order to comply with OpenVPN Connect at once after upgrading the VPN Server to this version. To regenerate the certificate, use the GUI tool on VPN Server Manager, or execute the "ServerCertRegenerate" command on vpncmd.
The automated root certificate and intermediate certificates downloading function has been implemented. It is very helpful when you use a commercial certificate which has been issued by a commercial CA (Certificate Authority), including VeriSign, GlobalSign or RapidSSL. In previous versions, you had to install the root certificate and intermediate certificates manually into the "chain_certs" directory. On this version, you do not need any longer to do such a manual installation of chained certs.
The OpenVPN configuration file generating function identifies the root certificate correctly, in order to embed it as the "<ca>" inline directive in the auto-generated OpenVPN configuration file. It is very helpful if you are using a commercial certificate which has been issued by a commercial CA (Certificate Authority), including VeriSign, GlobalSign or RapidSSL. (In previous versions, you had to perform the editing task for the OpenVPN configuration file manually.)