Hi, I installed a VPN-Server on my Ubuntu installation. I generated client certificates with easy-rsa and copied the 3 files and the server.opvn to my Iphone. server.ovpn:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | remote rene-penkert.de port 1194 proto udp dev tap dev-node openvpn ca "ca.crt" key "iphone.key" cert "iphone.crt" ns-cert-type server comp-lzo pull |
Now i can´t connect via my Iphone because there is a error:
1 | PolarSSL: error parsing ca certificate : X509 - The CRT/CRL/CSR format is invalid |
I googled the problem an there are a problem with the type of the certificate, solution would be:
1 | openssl pkcs12 -in Iphone.crt-out output-cert.pem-nocerts |
but i got these errors:
1 2 | 140404825904800:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 140404825904800:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS12 |
i also tried to include the certificates direct in the openvpn file like:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | remote serverAdress
port 1194
proto udp
dev tap
dev-node openvpn
ns-cert-type server
comp-lzo
pull
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
</key>
|
But there is the same PolarSSL exception...
Bearbeitet von pepre:
This is a german forum. Please use http://ubuntuforums.org/.
