Solved: certificate is not yet valid

Discussion in 'Router' started by asango, Dec 27, 2017.

  1. a

    asango New Member

    Hi, i´m a newbie, and i experience a reproducable issue, and kindly ask for some ideas :)

    I´m running Tomato USB V1.28 by Shibby on an ASUS RT-AC3200

    my usecase is like this:
    - i download the server configurations from perfect privacy
    - i clear NVRAM and install one openvpn config for one server f.i. Berlin and all works fine
    - then i replace the openvpn config with another server, f.i. Amsterdam also updating the keys from the Amsterdam.ovpn. still everything works fine after restarting the client.
    - but after rebooting the device, to working VPN but the below log.
    - if i clear NVRAM again (which takes forever) and install openvpn again, all works fine again.

    so it seems i´m unable to change the server without clearing NVRAM


    what does "certificate is not yet valid" mean?

    Jan 1 01:33:38 unknown user.notice root: vpnrouting: clean-up
    Jan 1 01:33:42 unknown daemon.warn openvpn[3022]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
    Jan 1 01:33:42 unknown daemon.warn openvpn[3022]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Re-using SSL/TLS context
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: LZO compression initializing
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Control Channel MTU parms [ L:1626 D:1140 EF:110 EB:0 ET:0 EL:3 ]
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: TCP/UDP: Preserving recently used remote address: [AF_INET]80.255.7.98:1149
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Data Channel MTU parms [ L:1626 D:1300 EF:126 EB:407 ET:0 EL:3 ]
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-128-CBC,auth SHA512,keysize 128,tls-auth,key-method 2,tls-client'
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-128-CBC,auth SHA512,keysize 128,tls-auth,key-method 2,tls-server'
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: TCP/UDP: Preserving recently used remote address: [AF_INET]80.255.7.98:1149
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: TLS: Initial packet from [AF_INET]80.255.7.98:1149, sid=fe642a1f b974fec1
    Jan 1 01:33:42 unknown daemon.err openvpn[3022]: VERIFY ERROR: depth=1, error=certificate is not yet valid: C=CH, ST=Zug, L=Zug, O=Perfect Privacy, CN=Perfect Privacy, emailAddress=admin@perfect-privacy.com
    Jan 1 01:33:42 unknown daemon.err openvpn[3022]: OpenSSL: error:14090086:lib(20):func(144):reason(134)
    Jan 1 01:33:42 unknown daemon.err openvpn[3022]: TLS_ERROR: BIO read tls_read_plaintext error
    Jan 1 01:33:42 unknown daemon.err openvpn[3022]: TLS Error: TLS object -> incoming plaintext read error
    Jan 1 01:33:42 unknown daemon.err openvpn[3022]: TLS Error: TLS handshake failed
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: TCP/UDP: Closing socket
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: SIGUSR1[soft,tls-error] received, process restarting
    Jan 1 01:33:42 unknown daemon.notice openvpn[3022]: Restart pause, 5 second(s)

    thank you!
     
  2. PP Frank

    PP Frank Staff Member

    False System-Date.....
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice