When I create an Connection (on the ipfire) with a password p12 file.
I download the zip package, i add the p12 file to certificates and tokens, import the .ovpn file.
When I try to connect I get the following error : opensslcontext: CA not defined
Is this a mistake in the ipfire (which makes the .ovpn and .p12 files) OR is it a mistake in the
OpenVPN client.
I can only import/create & Use connections that DO not have a password attached.
My goal Is to have the VPN protected with at least a password OR an OTP.
Both OTP Or passwords are not working with this combination of ipfire and OpenVPN Connectā¦
Does anybody have any clue on what to change or do ?
Hiā¦
The global TLS version is checked (TLS 1.3)
Yes I added a test connection to roadwarriorā¦
Yes I added the .p12 file to certificate & Tokens
Then imported the .ovpn And linked the .p12 certificate to the connection
Still the same result : OpenSSLContext: CA not defined
Somehow i get the feeling that the information INSIDE the ovpn file is missing the CA and/or other data
Like this it is less secure because the certificate is in plain text. Normally the client and the OS would find the certificates from the .p12 file and everything would work smoothly. For some reason this is failing in your setting, but this is not normal. IPFire could create automatically an .ovpn with all the certificates embedded if you go for the unsecure route.
I tried to add the certificate using the ca tags from a .ovpn file from an insecure packageā¦
This was not working
It all looks so nice in specs, but if its not working and our VPNās are working without any form of name/passwords or OTP challengesā¦ It is simply insecure so NOT usable !!
If somebody gains access to our āunsecureā vpn connection files or our windows machines they gain access to our environment. (this is NOT an option)
something is very wrong with your setting, the certificate cannot be missed if embedded in the .ovpn This has never failed before in ios, macos or android, in my tests.
EDIT: try to extract it from a secure .p12 as highlighted in the post above. Openssl before writing in clear text it will ask for the password.
you are not, but you are the first to report this issue. If you search the forum you will find several windows users that had trouble importing the certificates that were solved by following the instructions given by other members of this forum.
I would just like to remind you that there are two editions/versions of the openvpn client available on openvpn.net .
the āofficialā version - OpenVPN Connect
the Community Edition version
These editions, differ in the way they are configured.
Differences in configuration, have been a source of trouble, reported and explained on the IPFire forum.