Hello,

I've updated from v6.10 to v6.11 and the OVPN option "require client certificate" doesn't work anymore!

If I remove the option I can login again with OpenVPN client on iPhone.

But with this option set I can't login (in 6.10 it worked).

Can anyone confirm it?

Best regards

Carsten

Is client certificate from the same CA chain?

Confirming, after updating to 6,11 i have the same problem.

I have exactly the same problem
Downgrade to 6.10

Same problem here.....

yes.. problems is it.

Hello mrz,

yes, I only have one CA installed, and the client certificate is signed by this CA.

Downgraded to 6.10 and it works again.

I have seen that there was an issue with the client certificate option (that I did not have)
because the changelog of 6.11 says:
*) ovpn - fixed require-client-certificate

Regards

Carsten

Same problem for me.
I have CA and intermediate CA with LT status in ROS.

i can also confirm that since v6.11 "require-client-certificate" option does not work anymore!

Will be fixed in next version. It is related to CRL.

When is planned the next version ?

Hi folks,

today I upgraded to version 6.12 and openvpn didn't work.

The flags of the CA and the router certificate after updating was only a big "T"

After I deleted the certificates (CA and signed certificate for router) and imported them again everythings works as expected. <== (I didn't do this step in 6.11, maybe it works also here???)

The flags are: for CA = "AT" and for the router cert = "KT"

So, the option "Require Client Certificate" in version 6.12 works.

Best regards