CLOSED: OpenVPN main cert has expired - are there updated ones available?
Re: OpenVPN main cert has expired - are there updated ones available?
I am not quite sure what error everyone else is getting but mine HDAConnect is saying "Unable to connect because your certificate has expired or the system time is incorrect." I checked both the server and the client date and time, but both are set to the correct time. Is this something to do with Amahi software or did I screw something up?
Re: OpenVPN main cert has expired - are there updated ones available?
As noted in this thread, certificates have expired causing connection failure.
You can monitor the bug report mentioned previously to track progress.
You can monitor the bug report mentioned previously to track progress.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Re: OpenVPN main cert has expired - are there updated ones available?
While this took some doing for a novice like me, I followed this process to set up a Certificate Authority (CA) and generate a certificate and keys for my server and client.
https://openvpn.net/index.php/open-sour ... o.html#pki
This process worked for me on Amahi 8 / Fedora 21. cpg says that this procedure does NOT work on Fedora 25 so ymmv.
The small adjustments I had to make. I had to install easy-rsa with yum install easy-rsa
I had to make var executable with chmod 777
I made all the original certs. and keys .old and dropped the new ones in their place.
Worked like a champ for me.
https://openvpn.net/index.php/open-sour ... o.html#pki
This process worked for me on Amahi 8 / Fedora 21. cpg says that this procedure does NOT work on Fedora 25 so ymmv.
The small adjustments I had to make. I had to install easy-rsa with yum install easy-rsa
I had to make var executable with chmod 777
I made all the original certs. and keys .old and dropped the new ones in their place.
Worked like a champ for me.
Re: OpenVPN main cert has expired - are there updated ones available?
Would you be willing to document this in the wiki?
A step by step would help others.
A step by step would help others.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN main cert has expired - are there updated ones available?
I have thought about going the custom certificate route, but doesn't that make the amahi control panel check fail since it is no longer using an "official" base certificate? My guess is that trying to figure out how to switchout the certificates and keep the amahi control panel check working is why this problem hasn't been resolved already.
Re: OpenVPN main cert has expired - are there updated ones available?
We have a solution. You need to check the bug 2110 for details.
We did not announce it in forums yet as there was a file that needed fixed, plus the wiki guidance and openvpn App need updated.
Recommend in future, you follow the bug report vs forums to track progress. That is our preferred tracking mechanism for issues.
Hope to have the app and wiki guidance updated shortly. Then users will need uninstall/reinstall the app and grab the new client certificates from the wiki. For now, the bug report provides sufficient details to do it manually.
We did not announce it in forums yet as there was a file that needed fixed, plus the wiki guidance and openvpn App need updated.
Recommend in future, you follow the bug report vs forums to track progress. That is our preferred tracking mechanism for issues.
Hope to have the app and wiki guidance updated shortly. Then users will need uninstall/reinstall the app and grab the new client certificates from the wiki. For now, the bug report provides sufficient details to do it manually.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN main cert has expired - are there updated ones available?
You have my apologies - with the color coding of the initial reference to the bug I wasn't able to see it on the monitor I was using at the time (at the office) - now that I am home I can see it fine. I will work through the info in it to see if I can get my setup functioning again. Thanks!
Re: OpenVPN main cert has expired - are there updated ones available?
No worries.
Hopefully the instructions are detailed enough.
We need to get the app updated and the wiki still
Marking this thread as closed. Further issues/questions can be handled in the bug report.
Hopefully the instructions are detailed enough.
We need to get the app updated and the wiki still
Marking this thread as closed. Further issues/questions can be handled in the bug report.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: CLOSED: OpenVPN main cert has expired - are there updated ones available?
I am running into an issue with this - none of the @xxxx@ symbols in the amahi.conf are being evaluated/replaced. Any ideas what is needed to get these to work?
-- Unit openvpn@amahi.service has begun starting up.
Feb 28 09:51:27 localhost.localdomain openvpn[17872]: PLUGIN_INIT: could not load plugin shared object /usr/lib@HDA_ARCH_64@/openvpn/plugins/openvpn-plugin-aut
[root@localhost openvpn]# ls /usr
This is after I manually replaced HDA_NETMASK one earlier in the file.
-- Unit openvpn@amahi.service has begun starting up.
Feb 28 09:51:27 localhost.localdomain openvpn[17872]: PLUGIN_INIT: could not load plugin shared object /usr/lib@HDA_ARCH_64@/openvpn/plugins/openvpn-plugin-aut
[root@localhost openvpn]# ls /usr
This is after I manually replaced HDA_NETMASK one earlier in the file.
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: CLOSED: OpenVPN main cert has expired - are there updated ones available?
Nevermind - I refreshed the bug page and saw the recommendation to uninstall/reinstall - that got it working. Thanks again everyone!
Who is online
Users browsing this forum: No registered users and 51 guests