Page MenuHomeVyOS Platform

OpenConnect Server redundancy check
Closed, ResolvedPublicBUG


VyOS should not check the existence of` ca-cert-file` in config when using not self-signed certificates like certificates provided LetsEncrypt.

set vpn openconnect authentication local-users username user1 password 'user1'
set vpn openconnect authentication mode 'local'
set vpn openconnect network-settings client-ip-settings subnet ''
set vpn openconnect network-settings name-server ''
set vpn openconnect ssl cert-file '/etc/letsencrypt/live/'
set vpn openconnect ssl key-file '/etc/letsencrypt/live/'
[ vpn openconnect ]
openconnect ssl ca-cert-file required

[[vpn openconnect]] failed
Commit failed
Propose to exlude ca_cert_file from this list


Difficulty level
Easy (less than an hour)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

Dmitry changed the task status from Open to In progress.May 18 2021, 7:40 PM
Dmitry assigned this task to Viacheslav.
Dmitry changed the task status from In progress to Backport candidate.May 18 2021, 7:50 PM

Tested on 1.4-rolling-202105170417 works correct. Propose to backport this to 1.3

SrividyaA set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:27 PM