OpenVPN Warning: UNTRUSTED SSL certificate, but installation looks okay

Question

I am using OpenVPN to connect to a vpn server I've set up and installed an SSL cert on. When I check the SSL cert on Digicert, for example, it appears to be installed correctly, but OpenVPN continues to give me an error

The server has an UNTRUSTED SSL certificate.

And when I click on "More details..." I get a more verbose answer (which doesn't seem to be copyable) telling me the issue is that there's a self signed certificate in the certificate chain. It's a GoDaddy cert.

Any idea what I'm missing here?

score 0 · Answer 1 · answered Jul 05 '17 at 15:32

A typical OpenVPN setup will use self signed certificates, eg using the EasyRSA scripts from the OpenVPN site rather than certificates from GoDaddy or any other standard certificate provider. As such if you use standard tools to verify the certificate chain it will complain that one or more of the certificates are untrusted.

If OpenVPN is generating the Untrusted SSL in the logs, you might be missing the "ca" line in your configs. Without seeing errors it's difficult for anyone to give advice.

Keep in mind, for purposes of OpenVPN ssl certs are to provide encryption, not trust.

I was just getting a GUI popup, but I'll see if I can find the logs to get more details. — wogsland, Jul 05 '17 at 17:31

OpenVPN Warning: UNTRUSTED SSL certificate, but installation looks okay

1 Answers1