ALERT: Datto Drive Cloud service will no longer be available as of June 1, 2019. To migrate to Datto Workplace, contact your Sales Executive. To learn how to download your Datto Drive cloud data, please visit this article.

Datto Networking Appliance (DNA): "Certificate Verify Failed" Error Message When Connecting To Client VPN

Follow

Issue

When you try to connect to your Datto Networking Appliance's client VPN via OpenVPN, you see output similar to the following:

Wed Mar 13 11:37:33 2019 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, O=Datto Inc., CN=VPN Gateway
Wed Mar 13 11:37:33 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Mar 13 11:37:33 2019 TLS_ERROR: BIO read tls_read_plaintext error
Wed Mar 13 11:37:33 2019 TLS Error: TLS object -> incoming plaintext read error
Wed Mar 13 11:37:33 2019 TLS Error: TLS handshake failed

Environment

  • Datto Networking Appliance (DNA)
  • All OpenVPN Clients

Resolution

Download the Configuration File

1. From the GUI of your Datto Networking Appliance, download the OpenVPN config file from the DNA to the target computer by clicking the OpenVPN Config File on the Client VPN card, as shown in Figure 1.

  • For Windows clients, save the file to  %systemroot%\Program Files\OpenVPN\config.
  • For Linux and Mac clients, save the file to the desktop.

Figure 1: OpenVPN Config File download link (click to enlarge)

Connect the VPN Client

Windows

1. Open the OpenVPNclient and click connect.

2. To log on to the network, use the email address from the username and password you created earlier on the Client VPN card.

3. If you are still unable to connect, reboot your Datto Networking Appliance, and attempt the connection again.

Linux

1. Launch OpenVPN with the --config argument to specify the configuration file to use:

openvpn --config client.ovpn

2. If you are still unable to connect, reboot your Datto Networking Appliance, and attempt the connection again.

Mac

1. Add the config file you saved in the Download the OpenVPN Config File section of this article to Tunnelblick by dragging it from the desktop into the left-hand pane shown in Figure 2.

Figure 2: Tunnelblick settings pane (click to enlarge)

2. Select the configuration in the Configurations sidebar, and click Connect.

3. Log in using the credentials you created in the DNA: Client VPN article.

4. If you are still unable to connect, reboot your Datto Networking Appliance, and attempt the connection again.


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Community Forum or get live help.