• proctor

    proctor - 2007-05-31


    i have tried 0.4.6, 0.6.0beta and 0.6.2 for use with openvpn.  so far only 0.4.6 works properly.  both of the other (newer) versions receive tls handshake failure when trying to authenticate.

    i wonder if anyone else has any insight into this issue, and/or could offer any advice.

    thanks for all help,


    • Christian Hohnstaedt

      Can you attach the working and the non working certificate
      or at least send them to me in a private mail to examine them ?
      Did you ask OpenVPN forums for help. maybe there are some mandatory
      extensions that must be set. I think I remember, that the Netscape
      extension "ssl server" must be set, but I'm not sure.

      If we can work out a good template for OpenVPN, I can add it as
      a one of the default templates in the next release.

      • proctor

        proctor - 2007-06-16

        are there default extensions set in 0.4.6 that are not set in later versions?

        i have some time this weekend to make the files.  i will send them to you.


        • Christian Hohnstaedt

          The problem with SHA1 and SHA256 is, that SHA1 can be considered insecure
          in some circumstances, and on the other hand SHA256 and greater
          don't work on older Windows versions.

          Therefore XCA has an options dialog, where the default hash algo can be set
          that will be used by default, whenever something is signed.

          • proctor

            proctor - 2007-06-25

            perfect, thanks.

      • proctor

        proctor - 2007-06-17

        hi christian,

        after looking into this further today, it seems that the issue is that my windows exe does not support anything larger than sha1.  the default signature algorithm in 0.6.3 is sha256.

        thank you for your condideration.


    • proctor

      proctor - 2007-06-17

      ps.  my certificates work properly using all defaults *except* signature algorithm.  no special extensions are needed.


    • Frankie

      Frankie - 2007-06-19

      many years I used xca 0.4.x, now I plan use new version 0.6.3. Is here possibility to simple convert old db format from xca version 0.4.x to new one used in xca 0.6.3 ? (I know, one way is export - import certs ..., but I have too many certs)
      thanks for all help,

    • Carlo

      Carlo - 2007-08-09

      I also tried to use XCA for my certs in OpenVPN. Mine always seem to fail on the TLS error: BIO read tls_read_plaintext error... I have set it to SHA1 but still the errors remain. Proctor if you read this could you explain the steps you did to get working certs? I am using pfsense Openvpn server implementation. (creating them with easy-rsa works)

      Thx for any help!


      • proctor

        proctor - 2007-08-09

        hi carlo,

        i don't have my xca installed here (at work), but the basics of what i did is quite simple.

        -- create 1 self-signed (master) certificate
        -- create 2 (or more) certificates and sign them with the self-signed master
        -- export the certs and keys of the secondary certs, and the cert of the master
        -- incorporate these into your *.conf files

        i guess you will need diffie-hellman parameters too.  since you already have it working with easy-rsa i imagine you already know all this however...

        make sure that all certs use sha1 if you will use windows


        send me a more complete log if you like...

    • Carlo

      Carlo - 2007-08-10

      Hi Proctor,

      Thanks for your input. Let me show you exactly what i tried.

      First I create the master Cert:


      1. Create SS Cert with serial 1
      2. Sig alg: SHA1


      1. filled in the 8 boxes with my data
      2. Add common name to the box below just like common name above
      3. Generate Key Name as commonname with keysize 2048 RSA

      Now with this setup the Cert cannot sign another Cert so i have to enable some other options:

      4. Extensions: Type: select CA
      5. Key Usage: CA Sign

      Now i can create other Certs for my server and clients:

      I follow the same steps as above but without extra options 4 & 5.

      When i click create it will complain about the date but i just go ahead.

      I take the DH Para from an easy-rsa and the the other files needed to setup the pfsense Openvpn server.
      And I put the needed files on the client.

      All Certs and keys i export as default option.

      When i setup the client and server and try to connect i get this error:

      Fri Aug 10 10:24:57 2007 VERIFY OK: depth=1, /C=**/ST=**/L=**/O=**/OU=**/CN=**/emailAddress=**@**.**/CN=**
      Fri Aug 10 10:24:57 2007 VERIFY nsCertType ERROR: /C=**/ST=**/L=**/O=**/OU=**/CN=**/emailAddress=**@**.**, require nsCertType=SERVER
      Fri Aug 10 10:24:57 2007 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
      Fri Aug 10 10:24:57 2007 TLS Error: TLS object -> incoming plaintext read error
      Fri Aug 10 10:24:57 2007 TLS Error: TLS handshake failed


      Ok so I checked a little deeper because of the nscerttype error and did the following:

      I recreated the Server and Client certs but now in the Netscape tab for server i choose:

      for server: SSL server
      for client: SSL client

      Now it does seem to work :)

      I don't know which option in my config are needed and which I may have added extra which are not used.
      If you have any other suggestions please let me know, I'm a noob in Certificates (except from the one i get at kindergarten for successfully tying my shoes) so any improvements are appreciated.

      Ones its working correctly I will post a little howto on the OpenVPN forum.

      BTW, why can't we create DH with XCA?


      • proctor

        proctor - 2007-08-10

        here is an article describing it a bit better than i do:

        "The Diffie-Hellman key exchange is vulnerable to a man-in-the-middle attack. In this attack, an opponent Carol intercepts Alice's public value and sends her own public value to Bob. When Bob transmits his public value, Carol substitutes it with her own and sends it to Alice. Carol and Alice thus agree on one shared key and Carol and Bob agree on another shared key. After this exchange, Carol simply decrypts any messages sent out by Alice or Bob, and then reads and possibly modifies them before re-encrypting with the appropriate key and transmitting them to the other party. This vulnerability is present because Diffie-Hellman key exchange does not authenticate the participants. Possible solutions include the use of digital signatures and other protocol variants."

    • proctor

      proctor - 2007-08-10

      hi carlo,

      it is strange you need to specify the nscerttype, unless somewhere there are different defaults being used.  in my case, i left all the options blank/default except for sha1.  one thing i did do is use the template system of xca, so i didn't have to fill in all the details each time.  not sure if doing it that way changes defaults somewhere else....

      you are right about specifying the cert type 'ca' for the 'master', i forgot about that step.

      diffie-hellman is not really part of the pki set up by xca.  dh is used to create/exchange a symmetric key for information encryption, but does not in itself use pki per se.  the certificates you create with xca can be used to authenticate the parties who are using dh, and dh is used to (re)create session keys at certain intervals.  the authentication part is up to xca.


Log in to post a comment.