openmediavault-openvpn 4.0.4 - can corrupt configuration

1st Official Post

    I was trying to debug an OpenMediaVault - OpenVPN (4.0.4) plugin issue and discovered that the server certificate was overritten with a client certificate under /etc/openvpn/pki/issued/<hostname>.crt


    To reproduce, create a new client with a Common name set to the server hostname. This will overwrite the server certificate with the new client certificate and break all VPN connections.


    Could a little error checking be added to the web interface to block this?


    To fix, I had to uninstall/re-install the openvpn plugin and re-create all of the users.

    • Official Post
    Quote from aaaskew

    Could a little error checking be added to the web interface to block this?

    While I have ported this plugin to newer versions of OMV, I know very little about how it works. It may be the easyrsa script overwriting it. Either way, feel free to submit a pull request - https://github.com/OpenMediaVa…rs/openmediavault-openvpn. I have no way to test the pull requests though.

    omv 8.0.10-2 synchrony | 6.17 proxmox kernel

    plugins :: omvextrasorg 8.0.2 | kvm 8.0.5 | compose 8.1.3 | cterm 8.0 | borgbackup 8.1.4 | cputemp 8.0 | mergerfs 8.0 | scripts 8.0.1 | writecache 8.1


    omv-extras.org plugins source code and issue tracker - github - changelogs


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login