> I´m trying to connect to my vpn server, using tunnelblick, but thinking
> this is a openssl stuff... may be I am wrong.
> When connecting I got (XX is a placeholder) :
> 2020-12-22 17:32:49.423703 VERIFY ERROR: depth=0, error=format error in
> certificate's notAfter field: C=es, L=PXXXX, O=XX, CN=XX,
> emailAddress=XX, serial=17702460327850242852
> I have checked this:
> https://mta.openssl.org/pipermail/openssl-users/2019-March/010018.html ,
> but seems to be something different.
> When checking UTC field for server CA cert, I got:
> % openssl asn1parse -in ca.crt | grep UTC
> 207:d=3 hl=2 l= 13 prim: UTCTIME :170908154452Z
> 222:d=3 hl=2 l= 13 prim: UTCTIME :360718151218Z
I don't see anything obviously wrong with those encodings. Are you
willing to share the actual certificate?
This certificate is not the same one causing the error message in your original email. The error message you provided earlier included "serial=17702460327850242852" (or f5:ab:c5:e0:63:f5:73:24 in hex) but the certificate you provided here has serial=16005263760024127372 (de:1e:1e:97:18:ab:c7:8c).
On Sun, Dec 27, 2020 at 11:50 PM Raúl Uría Elices <[hidden email]> wrote:
I'm sorry, but can't figure out which cert is the one with
serial=16005263760024127372. Getting certs from server (openssl s_client
-connect x.y.z.w:443 -showcerts) neither of two certs showed have this