Certificate auth issue in 0.2.2

Karl weeker at outlook.com
Mon Dec 9 15:11:33 EST 2013 

No luck.

ocserv[13872]: [main] processed 1 CA certificate(s)
ocserv[13872]: [main] initialized ocserv 0.2.3
ocserv[13874]: [MYIP]:37080 accepted connection
ocserv[13874]: [MYIP]:37080 client certificate verification succeeded
ocserv[13873]: sec-mod received request from pid 13874 and uid 65534
ocserv[13874]: [MYIP]:37080 TLS handshake completed
ocserv[13872]: [MYIP]:37080 auth init for user 'user' from '[MYIP]:37080'
ocserv[13874]: [MYIP]:37080 sending auth request
ocserv[13872]: [MYIP]:37080 auth req for user 'user'
ocserv[13872]: [MYIP]:37080 accepting user 'user'
ocserv[13872]: [MYIP]:37080 auth deinit for user 'user'
ocserv[13872]: [MYIP]:37080 Selected IP: [10.10.11.192]:0
ocserv[13872]: [MYIP]:37080 assigned IPv4: [10.10.11.193]:0
ocserv[13872]: [MYIP]:37080 assigning tun device vpns0
ocserv[13872]: [MYIP]:37080 user 'user' of group '[unknown]' authenticated
ocserv[13874]: [MYIP]:37080 User 'user' logged in
ocserv[13877]: [MYIP]:37081 accepted connection
ocserv[13877]: [MYIP]:37081 error verifying client certificate: No
certificate was found.
ocserv[13873]: sec-mod received request from pid 13877 and uid 65534
ocserv[13877]: [MYIP]:37081 TLS handshake completed
ocserv[13872]: [MYIP]:37081 command socket closed
ocserv[13878]: [MYIP]:37082 accepted connection
ocserv[13878]: [MYIP]:37082 error verifying client certificate: No
certificate was found.
ocserv[13873]: sec-mod received request from pid 13878 and uid 65534
ocserv[13878]: [MYIP]:37082 TLS handshake completed
ocserv[13878]: [MYIP]:37082 sending cookie authentication request
ocserv[13872]: [MYIP]:37082 user 'user' presented a certificate from user ''
ocserv[13872]: [MYIP]:37082 failed authentication attempt for user 'user'
ocserv[13878]: [MYIP]:37082 recv_auth_reply: unexpected command
ocserv[13878]: [MYIP]:37082 error receiving cookie authentication reply
ocserv[13878]: [MYIP]:37082 failed cookie authentication attempt
ocserv[13872]: [MYIP]:37082 command socket closed
ocserv[13872]: [MYIP]:37080 command socket closed

On Tue, Dec 10, 2013 at 2:48 AM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
> On Tue, 2013-12-10 at 01:12 +0800, Karl wrote:
>> I always use the git version to keep it updated ;) I got no fixed on
>> these, still failed to connect. The iOS client seems more insane, so I
>> test it on Android, when input the password, the client said: "gateway
>> rejected the connection attempt.", debug log like:
>> ocserv[22905]: [MYIP]:36192 TLS handshake completed
>> ocserv[22905]: [MYIP]:36192 sending cookie authentication request
>> ocserv[22892]: [MYIP]:36192 failed authentication attempt for user 'user'
>> ocserv[22905]: [MYIP]:36192 failed cookie authentication attempt
>
> Could you try again with the latest version?
>
> regards,
> Nikos
>
>

More information about the openconnect-devel mailing list