Mac user solution for Openvpn error [OpenVPN error: PolarSSL: ca certificate is undefined].
I recently download this Openvpn for mac and while importing my configuration file I encounter this problem. So, I search to google how to solved this problem, till I came out with this simple solution.
Before importing .ovpn file, first edit your .ovpn file using a file editor for MAC, for me I use CotEditor.
This is the example of my .ovpn file
client
dev tun
proto tcp
remote 172.246.118.22 443
keepalive 1 180
resolv-retry infinite
redirect-gateway def1
nobind
sndbuf 393216
rcvbuf 393216
tun-mtu 1400
mssfix 1360
auth-user-pass
verb 3
script-security 2
setenv CLIENT_CERT 0
http-proxy 172.246.118.22 8080
http-proxy-retry
http-proxy-timeout 5
http-proxy-option VERSION 1.1
http-proxy-option CUSTOM-HEADER Host apps.google.com
http-proxy-option CUSTOM-HEADER X-Online-Host apps.google.com
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIJAIS+HoV3uxrsMA0GCSqGSIb3DQEBCwUAMIG2MQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG
A1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXphdGlvbmFsVW5p
dDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdFYXN5UlNBMSEw
HwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wHhcNMTcwNDAzMDYwOTEx
WhcNMjcwNDAxMDYwOTExWjCBtjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUw
EwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDFBsdWdOUGxheVZQTjEdMBsG
A1UECxMUTXlPcmdhbml6YXRpb25hbFVuaXQxGDAWBgNVBAMTD0ZvcnQtRnVuc3Rv
biBDQTEQMA4GA1UEKRMHRWFzeVJTQTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0
Lm15ZG9tYWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cpSDM03
91+1rGNxg32IPw5GzHQp53diNzXZgGWO/jfZdEbhQ+OnxCQdjp1e0JiIpJnOJK29
O6Je5IWpnLzE/YgLADYT5rafcKlWmyLsQk2DRnBWXcem1gjfuRghIhBroSRG+ZIj
uESWPTJ/V/JmtK6ri6T5TUy4lbCrAREc77RlxBmWNoO+MwU55o9ei3HvASBlsXDJ
HPLl2LufQy0vJcO2lzT1tI/Gup9MaDsFFhcEeruNaU/uLb157pfJ5qvyJi5FbrUc
sfOKcpZQQrYCGaa9oPZYDaePJwqccSGddsCZ4WdNaeAjok7WyKbdgqSDyz6xCPQl
r2X2HoimAs25aQIDAQABo4IBHzCCARswHQYDVR0OBBYEFAS/Pg+mFQDEhJmWd8K8
ZGjYcxAdMIHrBgNVHSMEgeMwgeCAFAS/Pg+mFQDEhJmWd8K8ZGjYcxAdoYG8pIG5
MIG2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5j
aXNjbzEVMBMGA1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXph
dGlvbmFsVW5pdDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdF
YXN5UlNBMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW6CCQCEvh6F
d7sa7DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDFu2fr1Lqhyq+L
IlPkAqo7lv1VCZ1v3kzhoeW6LHVCsINgqirtWRZr2q93/JhcvyaHxUIvoXz0MM9e
IkLoe7EpbTlF84bHfSayBqsrAQ2wsHkLPqn3KADHtyfGK6H9FjTzS8RL7ht6pA9o
dKTTSkmrrSGmXG/7z0/Cra9Ff2s3Cb3u2DPxcQ7ckkz0Yxj93L3c2hl8kAAn8AP7
W16qJS8kj+Vg35O3cStftVPVWAYW1r410KlFAb6A7D7tSGBnMbpa2ZoUANPM9UR6
PnFVkZDdyfPfdXNmPduk8Ok5TXqp/0pzF1FlEBSZa5KmNAkO+KRi//ygCe3MgK3L
ZEWW0j2G
-----END CERTIFICATE-----
To correct this one create a new file name example (ca.myvpn.cr) this will serve as certificate for you vpn the causing the error. Copy the certificate above then save.
The file ca.myvpn.cr should be look like this:
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIJAIS+HoV3uxrsMA0GCSqGSIb3DQEBCwUAMIG2MQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG
A1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXphdGlvbmFsVW5p
dDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdFYXN5UlNBMSEw
HwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wHhcNMTcwNDAzMDYwOTEx
WhcNMjcwNDAxMDYwOTExWjCBtjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUw
EwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDFBsdWdOUGxheVZQTjEdMBsG
A1UECxMUTXlPcmdhbml6YXRpb25hbFVuaXQxGDAWBgNVBAMTD0ZvcnQtRnVuc3Rv
biBDQTEQMA4GA1UEKRMHRWFzeVJTQTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0
Lm15ZG9tYWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cpSDM03
91+1rGNxg32IPw5GzHQp53diNzXZgGWO/jfZdEbhQ+OnxCQdjp1e0JiIpJnOJK29
O6Je5IWpnLzE/YgLADYT5rafcKlWmyLsQk2DRnBWXcem1gjfuRghIhBroSRG+ZIj
uESWPTJ/V/JmtK6ri6T5TUy4lbCrAREc77RlxBmWNoO+MwU55o9ei3HvASBlsXDJ
HPLl2LufQy0vJcO2lzT1tI/Gup9MaDsFFhcEeruNaU/uLb157pfJ5qvyJi5FbrUc
sfOKcpZQQrYCGaa9oPZYDaePJwqccSGddsCZ4WdNaeAjok7WyKbdgqSDyz6xCPQl
r2X2HoimAs25aQIDAQABo4IBHzCCARswHQYDVR0OBBYEFAS/Pg+mFQDEhJmWd8K8
ZGjYcxAdMIHrBgNVHSMEgeMwgeCAFAS/Pg+mFQDEhJmWd8K8ZGjYcxAdoYG8pIG5
MIG2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5j
aXNjbzEVMBMGA1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXph
dGlvbmFsVW5pdDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdF
YXN5UlNBMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW6CCQCEvh6F
d7sa7DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDFu2fr1Lqhyq+L
IlPkAqo7lv1VCZ1v3kzhoeW6LHVCsINgqirtWRZr2q93/JhcvyaHxUIvoXz0MM9e
IkLoe7EpbTlF84bHfSayBqsrAQ2wsHkLPqn3KADHtyfGK6H9FjTzS8RL7ht6pA9o
dKTTSkmrrSGmXG/7z0/Cra9Ff2s3Cb3u2DPxcQ7ckkz0Yxj93L3c2hl8kAAn8AP7
W16qJS8kj+Vg35O3cStftVPVWAYW1r410KlFAb6A7D7tSGBnMbpa2ZoUANPM9UR6
PnFVkZDdyfPfdXNmPduk8Ok5TXqp/0pzF1FlEBSZa5KmNAkO+KRi//ygCe3MgK3L
ZEWW0j2G
-----END CERTIFICATE-----
To finalise everything add this code (ca ca.myvpn.cr) to your .ovpn file like this:
clientnote: Save this file in same folder with you .ovpn file
dev tun
proto tcp
remote 172.246.118.22 443
keepalive 1 180
resolv-retry infinite
redirect-gateway def1
nobind
sndbuf 393216
rcvbuf 393216
tun-mtu 1400
mssfix 1360
auth-user-pass
verb 3
script-security 2
setenv CLIENT_CERT 0
http-proxy 172.246.118.22 8080
http-proxy-retry
http-proxy-timeout 5
http-proxy-option VERSION 1.1
http-proxy-option CUSTOM-HEADER Host apps.google.com
http-proxy-option CUSTOM-HEADER X-Online-Host apps.google.com
ca ca.myvpn.cr-----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIJAIS+HoV3uxrsMA0GCSqGSIb3DQEBCwUAMIG2MQswCQYD VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG A1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXphdGlvbmFsVW5p dDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdFYXN5UlNBMSEw HwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW4wHhcNMTcwNDAzMDYwOTEx WhcNMjcwNDAxMDYwOTExWjCBtjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUw EwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDFBsdWdOUGxheVZQTjEdMBsG A1UECxMUTXlPcmdhbml6YXRpb25hbFVuaXQxGDAWBgNVBAMTD0ZvcnQtRnVuc3Rv biBDQTEQMA4GA1UEKRMHRWFzeVJTQTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0 Lm15ZG9tYWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cpSDM03 91+1rGNxg32IPw5GzHQp53diNzXZgGWO/jfZdEbhQ+OnxCQdjp1e0JiIpJnOJK29 O6Je5IWpnLzE/YgLADYT5rafcKlWmyLsQk2DRnBWXcem1gjfuRghIhBroSRG+ZIj uESWPTJ/V/JmtK6ri6T5TUy4lbCrAREc77RlxBmWNoO+MwU55o9ei3HvASBlsXDJ HPLl2LufQy0vJcO2lzT1tI/Gup9MaDsFFhcEeruNaU/uLb157pfJ5qvyJi5FbrUc sfOKcpZQQrYCGaa9oPZYDaePJwqccSGddsCZ4WdNaeAjok7WyKbdgqSDyz6xCPQl r2X2HoimAs25aQIDAQABo4IBHzCCARswHQYDVR0OBBYEFAS/Pg+mFQDEhJmWd8K8 ZGjYcxAdMIHrBgNVHSMEgeMwgeCAFAS/Pg+mFQDEhJmWd8K8ZGjYcxAdoYG8pIG5 MIG2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5j aXNjbzEVMBMGA1UEChMMUGx1Z05QbGF5VlBOMR0wGwYDVQQLExRNeU9yZ2FuaXph dGlvbmFsVW5pdDEYMBYGA1UEAxMPRm9ydC1GdW5zdG9uIENBMRAwDgYDVQQpEwdF YXN5UlNBMSEwHwYJKoZIhvcNAQkBFhJtZUBteWhvc3QubXlkb21haW6CCQCEvh6F d7sa7DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDFu2fr1Lqhyq+L IlPkAqo7lv1VCZ1v3kzhoeW6LHVCsINgqirtWRZr2q93/JhcvyaHxUIvoXz0MM9e IkLoe7EpbTlF84bHfSayBqsrAQ2wsHkLPqn3KADHtyfGK6H9FjTzS8RL7ht6pA9o dKTTSkmrrSGmXG/7z0/Cra9Ff2s3Cb3u2DPxcQ7ckkz0Yxj93L3c2hl8kAAn8AP7 W16qJS8kj+Vg35O3cStftVPVWAYW1r410KlFAb6A7D7tSGBnMbpa2ZoUANPM9UR6 PnFVkZDdyfPfdXNmPduk8Ok5TXqp/0pzF1FlEBSZa5KmNAkO+KRi//ygCe3MgK3L ZEWW0j2G -----END CERTIFICATE-----
Save the file, import the configuration, then you should connect now.
No comments:
Post a Comment