On 22/12/2020 17:43, Raúl Uría Elices wrote: > Hi, > > I´m trying to connect to my vpn server, using tunnelblick, but thinking > this is a openssl stuff... may be I am wrong. > > > When connecting I got (XX is a placeholder) : > > 2020-12-22 17:32:49.423703 VERIFY ERROR: depth=0, error=format error in > certificate's notAfter field: C=es, L=PXXXX, O=XX, CN=XX, > emailAddress=XX, serial=17702460327850242852 > > I have checked this: > https://mta.openssl.org/pipermail/openssl-users/2019-March/010018.html , > but seems to be something different. > > When checking UTC field for server CA cert, I got: > > % openssl asn1parse -in ca.crt | grep UTC > 207:d=3 hl=2 l= 13 prim: UTCTIME :170908154452Z > 222:d=3 hl=2 l= 13 prim: UTCTIME :360718151218Z I don't see anything obviously wrong with those encodings. Are you willing to share the actual certificate? Matt
