Home > software > ssl fun

ssl fun

i”m trying to set up an openvpn and ran into SSL errors when I tried to connect. So I looked at the errors at the server:

TLS Error: TLS handshake failed

Not that helpful so i looked at the client log:

TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

But something interesting caught my eye, further down the error log there’s something like:

VERIFY ERROR: depth=1, error=certificate is not yet valid

Not YET??? valid? So I checked the cert on the server:

openssl verify -CAfile ca.crt -purpose sslclient client.crt
client.crt: OK

Now the same on the client:

openssl verify -CAfile ca.crt -purpose sslclient client.crt
error 9 at 1 depth lookup:certificate is not yet valid

That is where I relized what might have happend and looked at the date on both machines – guess what:

Server: Thu Jun  9 05:48:21 GMT 2011
Client: Wed Jun  8 18:03:04 CEST 2011

So I’ll wait till tomorrow . . . 😉

Categories: software Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.