We have renewed the company's wildcard certificate and installed it as a certificate authority certificate on the UTM firewall.
We noticed that the firewall has regenerated all users' certificates based on the updated wildcard certificate.
Since then no one is able to connect via SSL VPN, with the following error in the client logs:
Mon Mar 29 20:08:24 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Mar 29 20:08:24 2021 VERIFY ERROR: depth=1, error=unable to get issuer certificate: /C=US/O=DigiCert Inc/CN=GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
Mon Mar 29 20:08:24 2021 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Mon Mar 29 20:08:24 2021 TLS Error: TLS object -> incoming plaintext read error
Mon Mar 29 20:08:24 2021 TLS Error: TLS handshake failed
Mon Mar 29 20:08:24 2021 SIGUSR1[soft,tls-error] received, process restarting
We have added all the public certificate chain certificates in the firewall as well, with no luck.
We tried to remove the users from the firewall and have them recreated by logging into the user portal and downloading the VPN config file again, but the error still happens.
Has anyone come through this before?
Thanks