>> I am attaching my /etc/ssl/openssl.cnf (if for some reason it fails, I will >> paste the contents instead). As far as I know, this is the default >> /etc/ssl/ openssl.cnf file that comes with Debian, except the "MinProtocol" >> parameter, which I had to change for one specific VPN to work (it was using >> TLSv1.0 instead of TLSv1.2). > > It seems that the culprit is the (non-default) setting MinProtocol = TLSv1.0, > which I had to modify to be able to use a specific VPN server. Changing the > value to "MinProtocol = TLSv1.2" does not produce the error anymore.
Sidenote. That MinProtocol = TLSv1.0 is wrong. It needs to be MinProtocol = TLSv1 for obvious reasons :P Anyway here is a patch that fixes the problem of not loading certificates: https://patchwork.openvpn.net/patch/1095/ Arne
