Project

General

Profile

Bug #11362

Peer Certificate Options Missing when creating new Server in 2.5x in User/Auth Mode

Added by John Griffin 2 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
02/03/2021
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.5.x
Affected Architecture:
Release Notes:
Default

Description

When creating a new OpenVPN Server in 2.5x, if you choose "User Auth" mode, you cannot save, as it insists that the Selected Certificate is not Valid. The option to choose a certificate is not available in the UI once you choose User Auth mode.

I have replicated this behaviour FireFox and Chrome and Edge.

Go to OpenVPN -> Servers -> New
Change Server Mode to [Remote Access (User Auth)]

The option to select a CA and Server Cert disappears however is required to save. If you choose set these and then change the server mode, it appears happy.

Associated revisions

Revision bfde8f08 (diff)
Added by Viktor Gurov 2 months ago

OpenVPN input validation fix. Issue #11362

History

#2 Updated by Viktor Gurov 2 months ago

  • Target version set to 2.5.0

#3 Updated by Renato Botelho 2 months ago

  • Status changed from New to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

#4 Updated by Viktor Gurov 2 months ago

  • Status changed from Feedback to Resolved

2.5.0.a.20210203.1432 fixed

#5 Updated by Danilo Zrenjanin 2 months ago

  • Status changed from Resolved to Feedback

Tested on the latest release.

I could successfully apply the changes without error messages, but the OpenVPN server failed to start.

Here are the logs:

Feb 4 09:08:26     openvpn     9667     WARNING: POTENTIALLY DANGEROUS OPTION --verify-client-cert none|optional may accept clients which do not present a certificate
Feb 4 09:08:26     openvpn     9667     Options error: --capath fails with '/var/etc/openvpn/server1/ca': No such file or directory (errno=2)
Feb 4 09:08:26     openvpn     9667     Options error: Please correct these errors.
Feb 4 09:08:26     openvpn     9667     Use --help for more information. 

#6 Updated by Viktor Gurov 2 months ago

  • Status changed from Feedback to Closed

fix in #11368

Also available in: Atom PDF