AW: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field
WKnauf at hg-online.de
Mon Mar 4 09:22:41 UTC 2019
this is the output of "-dates":
C:\Program Files\OpenVPN\bin>openssl.exe x509 -dates -subject -noout -in ..\config\SSL_HUG1 at l1139218.vt-security.de\l1139218.vt-security.de.ca.crt
notBefore=Oct 22 13:28:29 2009 GMT
notAfter=Mar 8 13:28:29 2037 GMT
subject=C = de, L = Dortmund, O = Versatel, CN = Versatel VPN CA, emailAddress = admin at vt-security.de
Would it be OK if I send the crt file to only your mail adress? I don't feel save by posting it to the mailing list ;-)?
Von: Jan Just Keijser <janjust at nikhef.nl>
Gesendet: Montag, 4. März 2019 10:07
An: Wolfgang Knauf <WKnauf at hg-online.de>; openssl-users at openssl.org
Betreff: Re: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field
On 04/03/19 09:08, Wolfgang Knauf wrote:
I first asked this question in the OpenVPNGui forum, and they redirected me to here: OpenVPNGui 2.4.6 works with a customers server certificate, but it fails when using 2.4.7.
Here is the thread in the OpenVPNGui forum: https://forums.openvpn.net/viewtopic.php?f=24&t=27976
The error is:
Thu Feb 28 08:48:50 2019 VERIFY ERROR: depth=0, error=format error in certificate's notAfter field: C=de, L=Dortmund, O=Versatel, CN=ASG_1, emailAddress=...
The certificate has those fields:
Not Before: Oct 22 13:28:29 2009 GMT
Not After : Mar 8 13:28:29 2037 GMT
The customer provided us with a ".....ca.crt" file, a "....user.crt" file and a "user.key" file. But I fear it is not smart to post those files in the internet ;-).
you can safely post the client.crt file - it is public info and useless without the key file.
Having said that, I just created a certificate set to expire on Mar 9 2037 and it passed the following command:
c:\program files\openvpn\bin\openssl x509 -dates -subject -noout -in mycert.crt
can you run the same command on the failing certificate?
JJK / Jan Just Keijser
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users