OpenVPN TLS ERROR: self signed certificate

Hallo members,
I made the setup of my second IPFire-box - and it doesn’t work - any help?
about: there ist another topic with the same error - but I have a single access point

failure:
VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: CN=VPN
OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object → incoming plaintext read error
TLS Error: TLS handshake failed
SIGUSR1[soft,tls-error] received, process restarting

my configuration:
ipfire behind a FritzBox with portforwarding to 1194
the FritzBox is reachable via {domain.dyndns.org}

what i did:
after installation I manually created the Host certificats (server.key, server.csr, server.crt) - because I changed the HOSTNAME with the to {HOST} and DOMAINNAME to {domain}

Must the names given in the parameters during the and the generating process of the root/host certificate (“ipFire’s Host Name”) be equal or can they be different?

What is with the parameter “local VPN Host-Name/IP”? I used the {domain.dyndns.org} expression.
Yes, I can do a complete new setup - but I want to understand the error mesage -:slight_smile:
I would be very happy if there is a help - thank you very much