AW: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

Wolfgang Knauf WKnauf at
Mon Mar 4 09:22:41 UTC 2019


this is the output of "-dates":

C:\Program Files\OpenVPN\bin>openssl.exe x509 -dates -subject -noout -in ..\config\SSL_HUG1 at\
notBefore=Oct 22 13:28:29 2009 GMT
notAfter=Mar  8 13:28:29 2037 GMT
subject=C = de, L = Dortmund, O = Versatel, CN = Versatel VPN CA, emailAddress = admin at

Would it be OK if I send the crt file to only your mail adress? I don't feel save by posting it to the mailing list ;-)?

Best regards


Von: Jan Just Keijser <janjust at>
Gesendet: Montag, 4. März 2019 10:07
An: Wolfgang Knauf <WKnauf at>; openssl-users at
Betreff: Re: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field


On 04/03/19 09:08, Wolfgang Knauf wrote:

I first asked this question in the OpenVPNGui forum, and they redirected me to here: OpenVPNGui 2.4.6 works with a customers server certificate, but it fails when using 2.4.7.

Here is the thread in the OpenVPNGui forum:

The error is:
Thu Feb 28 08:48:50 2019 VERIFY ERROR: depth=0, error=format error in certificate's notAfter field: C=de, L=Dortmund, O=Versatel, CN=ASG_1, emailAddress=...

The certificate has those fields:
            Not Before: Oct 22 13:28:29 2009 GMT
            Not After : Mar  8 13:28:29 2037 GMT

The customer provided us with a "" file, a "....user.crt" file and a "user.key" file. But I fear it is not smart to post those files in the internet ;-).

you can safely post the client.crt file - it is public info and useless without the key file.

Having said that, I just created a certificate set to expire on Mar 9 2037 and it passed the following command:
  c:\program files\openvpn\bin\openssl x509 -dates -subject -noout -in mycert.crt

can you run the same command on the failing certificate?


JJK / Jan Just Keijser
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list