OpenVPN TLS Webcert required?

[graylion]

Hi, I am trying to set up openvpn (server) and am getting 'Server certificate must have "TLS Web Server Authentication" set in ExtendedKeyUsage extension.' as error. The box is not ticked though? And I see no option of adding this field in the CSR form.

 

[morganL]

Hi, I am trying to set up openvpn (server) and am getting 'Server certificate must have "TLS Web Server Authentication" set in ExtendedKeyUsage extension.' as error. The box is not ticked though? And I see no option of adding this field in the CSR form.

Which version of software... have you had this working before?

If not, please try to document your set-up so that people can look for any configuration issues.

 

[Ericloewe]

Care to elaborate for the benefit of future readers?

 

[graylion]

Turns out that it is not resolved

Steps:

- create openvpn CA
- Create openvpn CSR

• Type: Certificate Signing Request
• Key Type: RSA
• Key Length: 2048
• Digest Algorithm: SHA256
• Country: Ireland
• Profiles: Openvpn Server Certificate
• Usages: SERVER_AUTH

- try to configure openVPN server:


so again I get this error message

when creating the CSR there is no option to add "TLS Web Server Authentication" :(

Software: TrueNAS-SCALE-22.02.4

6 cores, 12 threads, 128 GiB RAM

 

[graylion]

and this is a new setup - this has never workd before

 

[graylion]

just updated to bluefin - no joy either, same error