Menu
▾
▴
Re: [Openvpn-users] Certificate does not have key usage extension
|
From: Josh <jv...@us...> - 2016-05-26 15:08:44
|
On 05/26/2016 09:47 AM, Jan Just Keijser wrote: > Hi Josh, > > it's the *SERVER* certificate which is failing here: > > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > > > check whether the server cert was built with 'serverAuth' enabled. > > HTH, > > JJK > Thank you very much! You are right, TinyCA had nothing in keyUsage and extendedKeyUsage for server certificate settings. I compared server certificate created by latest easy-rsa and added the same values in my TinyCA2 setup. Connection works now. Best Regards, Josh. PS. I am puzzled how it has been working for two years until recent expiration... |
