Hi Nikos, They're all generated using the manual on ocserv's website. CA certs share the same template, and the server certificates only differs on CN - I use IP address of the servers as the CN. Thanks, TZ On 3/20/2014 9:17 AM, Nikos Mavrogiannopoulos wrote: > On Sat, Mar 15, 2014 at 1:48 AM, Tony Zhou <tonytzhou at gmail.com> wrote: >> Hi all, >> I have recently migrated an ocserv server from Xen to KVM platform with same >> settings except for IP address and re-generated certificate. After the >> migration all the other clients are fine except for iOS - it always prompts >> "The certificate on the secured gateway is invalid. A VPN connection will >> not be established". Here's the environment: > Hello, > Do you have the old and the new certificate to compare? > > regards, > Nikos
