TrueNAS CORE 12 OpenVPN Client Setup

[SONIXINOS]

I'm trying to set up an OpenVPN client with TrueNAS 12 CORE and its giving me errors. I can't get a client certificate to save because it says I need a private key, but there is no private key and TrueNAS gives no location to put in the VPN username and password. It wont let me leave it blank and if I use the freenas_default Client Certificate I get

"Client certificate must have "TLS Web Client Authentication" set in ExtendedKeyUsage extension."

Does anyone know why this will not connect to my VPN? my provider is windscribe. Here is a pastebin of my .ovpn file (redacted) everything looks to be correct I just cannot figure out why it won't save the configuration. Any help would be greatly appreciated.

 

[greysave]

I am having the same issue. I have gone so far as to try multiple VPN providers to isolate the issue. This seems specific to TrueNas. I am wondering if there is something wrong with the TrueNas implementation of the OpenVPN client. I have seen other users successfully get this to work with Truenas as the server. I have not seen anyone get this working with a third-party VPN provider. I also could not locate an openvpn directory under /usr/local/etc.

 

[Niel Archer]

Same problem here. Documentation for CA and Certificates is no help on this.

 

[appliance]

No idea how to add "TLS Web Client Authentication" as it doesn't appear in the settings. Also the CN edit box should be with * asterisk, otherwise user gets into create->cant delete->create new->select new->delete old certificate loop. It's evidently a VPN centric UI process, so the CN field should be marked as mandatory.

1) Client certificate requires common name (CN) to be set to verify properly.
2) Client certificate must have "TLS Web Client Authentication" set in ExtendedKeyUsage extension.

OpenVpn looks impossible so far.