Date: November 23, 2007 10:32:32 PM CST
Subject: consolidating two servers
I am trying to consolidate two openvpn servers onto one larger server. Each server has its' own ca.crt server.crt and server.key.
I thought I could just cat the individual files together and use those file names on the new larger server, but I continually get this error message on the clients. The server loads without an error.
TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Fri 11/23/07 10:09 PM: TLS Error: TLS object -> incoming plaintext read error
Fri 11/23/07 10:09 PM: TLS Error: TLS handshake failed
The only thing I see on the server is the TLS Error: TLS handshake failed
The only difference is the ca, server.crt and server.key. The rest of the configurations are the same. And they work with their individual certs.
I'd rather not ask that the users load new client configuration and crts right now. I wanted to make the change transparent.
Any help would be appreciated.