AW: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

 

this is the output of „-dates“:

 

C:\Program Files\OpenVPN\bin>openssl.exe x509 -dates -subject -noout -in ..\config\SSL_HUG1@xxxxxxxxxxxxxxxxxxxxxxx\l1139218.vt-security.de.ca.crt

notBefore=Oct 22 13:28:29 2009 GMT

notAfter=Mar  8 13:28:29 2037 GMT

subject=C = de, L = Dortmund, O = Versatel, CN = Versatel VPN CA, emailAddress = admin@xxxxxxxxxxxxxx

 

Would it be OK if I send the crt file to only your mail adress? I don't feel save by posting it to the mailing list ;-)?

 

Best regards

 

Wolfgang

 

Von: Jan Just Keijser <janjust@xxxxxxxxx>
Gesendet: Montag, 4. März 2019 10:07
An: Wolfgang Knauf <WKnauf@xxxxxxxxxxxx>; openssl-users@xxxxxxxxxxx
Betreff: Re: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

 

Hi,

On 04/03/19 09:08, Wolfgang Knauf wrote:

Hi,

 

I first asked this question in the OpenVPNGui forum, and they redirected me to here: OpenVPNGui 2.4.6 works with a customers server certificate, but it fails when using 2.4.7.

 

Here is the thread in the OpenVPNGui forum: https://forums.openvpn.net/viewtopic.php?f=24&t=27976

 

The error is:

Thu Feb 28 08:48:50 2019 VERIFY ERROR: depth=0, error=format error in certificate's notAfter field: C=de, L=Dortmund, O=Versatel, CN=ASG_1, emailAddress=...

 

The certificate has those fields:

        Validity

            Not Before: Oct 22 13:28:29 2009 GMT

            Not After : Mar  8 13:28:29 2037 GMT

 

The customer provided us with a „…..ca.crt“ file, a „….user.crt“ file and a „user.key“ file. But I fear it is not smart to post those files in the internet ;-).

 

 

you can safely post the client.crt file - it is public info and useless without the key file. 

Having said that, I just created a certificate set to expire on Mar 9 2037 and it passed the following command:
  c:\program files\openvpn\bin\openssl x509 -dates -subject -noout -in mycert.crt

can you run the same command on the failing certificate?

HTH,

JJK / Jan Just Keijser


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux