Hi, I installed a VPN-Server on my Ubuntu installation. I generated client certificates with easy-rsa and copied the 3 files and the server.opvn to my Iphone. server.ovpn:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | remote rene-penkert.de port 1194 proto udp dev tap dev-node openvpn ca "ca.crt" key "iphone.key" cert "iphone.crt" ns-cert-type server comp-lzo pull |
Now i can´t connect via my Iphone because there is a error:
1 | PolarSSL: error parsing ca certificate : X509 - The CRT/CRL/CSR format is invalid |
I googled the problem an there are a problem with the type of the certificate, solution would be:
1 | openssl pkcs12 -in Iphone.crt-out output-cert.pem-nocerts |
but i got these errors:
1 2 | 140404825904800:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 140404825904800:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS12 |
i also tried to include the certificates direct in the openvpn file like:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | remote serverAdress port 1194 proto udp dev tap dev-node openvpn ns-cert-type server comp-lzo pull <ca> -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- </cert> <key> -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- </key> |
But there is the same PolarSSL exception...
Bearbeitet von pepre:
This is a german forum. Please use http://ubuntuforums.org/.