I am trying to figure out how to disable certificate verification when establishing VPN connection via the router.
Route : Asus RT-AC55UHP
System Log
Note: I am able to connect via to this vpn via my mac book, but while connected i have to trust the certificate. (As the issuing authority is not part of default trusted authorities).
I am trying to figure out if can provide some option to disable certificate verification.
Route : Asus RT-AC55UHP
System Log
Nov 18 21:23:56 rc_service: httpd 301:notify_rc restart_vpncall
Nov 18 21:23:56 openvpn[2437]: OpenVPN 2.3.2 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Dec 1 2016
Nov 18 21:23:56 openvpn[2437]: Socket Buffers: R=[87380->131072] S=[16384->131072]
Nov 18 21:23:56 openvpn[2442]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xx:443 [nonblock]
Nov 18 21:23:57 openvpn[2442]: TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:443
Nov 18 21:23:57 openvpn[2442]: TCPv4_CLIENT link local: [undef]
Nov 18 21:23:57 openvpn[2442]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Nov 18 21:23:57 openvpn[2442]: TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:443, sid=d58fe503 a6e70d4e
Nov 18 21:23:57 openvpn[2442]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 18 21:23:57 openvpn[2442]: VERIFY OK: depth=1, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN (SN XXXXXXXXXXX 2015-11-18 09:19:40 GMT) CA
Nov 18 21:23:57 openvpn[2442]: Validating certificate extended key usage
Nov 18 21:23:57 openvpn[2442]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS
Nov 18 21:23:57 openvpn[2442]: ++ Certificate has EKU (oid) 1.3.6.1.5.5.7.3.1, expects TLS
Nov 18 21:23:57 openvpn[2442]: VERIFY EKU ERROR
I am actually trying to connect to my office VPN. Nov 18 21:23:56 openvpn[2437]: OpenVPN 2.3.2 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Dec 1 2016
Nov 18 21:23:56 openvpn[2437]: Socket Buffers: R=[87380->131072] S=[16384->131072]
Nov 18 21:23:56 openvpn[2442]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xx:443 [nonblock]
Nov 18 21:23:57 openvpn[2442]: TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:443
Nov 18 21:23:57 openvpn[2442]: TCPv4_CLIENT link local: [undef]
Nov 18 21:23:57 openvpn[2442]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Nov 18 21:23:57 openvpn[2442]: TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:443, sid=d58fe503 a6e70d4e
Nov 18 21:23:57 openvpn[2442]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 18 21:23:57 openvpn[2442]: VERIFY OK: depth=1, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN (SN XXXXXXXXXXX 2015-11-18 09:19:40 GMT) CA
Nov 18 21:23:57 openvpn[2442]: Validating certificate extended key usage
Nov 18 21:23:57 openvpn[2442]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS
Nov 18 21:23:57 openvpn[2442]: ++ Certificate has EKU (oid) 1.3.6.1.5.5.7.3.1, expects TLS
Nov 18 21:23:57 openvpn[2442]: VERIFY EKU ERROR
Note: I am able to connect via to this vpn via my mac book, but while connected i have to trust the certificate. (As the issuing authority is not part of default trusted authorities).
I am trying to figure out if can provide some option to disable certificate verification.
