Openvpn

openvpn certificate signature failure

CentOS and Fedora has stopped support for md5 certificates At client side if you get following error server log usually /var/log/messages VERIFY ERROR: depth=0, error=certificate signature failure: <snip> TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed TLS Error: TLS object -> incoming plaintext read error TLS Error: TLS handshake failed Fatal TLS error (check_tls_errors_co), restarting To fix this: vi /etc/systemd/system/NetworkManager.service and add following .include /usr/lib/systemd/system/NetworkManager.service [Service] Environment="OPENSSL_ENABLE_MD5_VERIFY=1 NSS_HASH_ALG_SUPPORT=+MD5" Now restart daemon