OpenVPN on pfSense issue

Trying to VPN into my home network with a Netgate 3100 appliance as my VPN server / router.

This is what I get from the client when I try to use it.

Wed Feb 16 18:42:51 2022 VERIFY ERROR: depth=0, error=unable to get local issuer certificate: CN=internal-vpn, serial=2
Wed Feb 16 18:42:51 2022 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Feb 16 18:42:51 2022 TLS_ERROR: BIO read tls_read_plaintext error
Wed Feb 16 18:42:51 2022 TLS Error: TLS object -> incoming plaintext read error
Wed Feb 16 18:42:51 2022 TLS Error: TLS handshake failed
Wed Feb 16 18:42:51 2022 Fatal TLS error (check_tls_errors_co), restarting
Wed Feb 16 18:42:51 2022 SIGUSR1[soft,tls-error] received, process restarting

It looks like a certificate issue but I don’t know where to go from here.

Just a guess here but I’d say you’ve most likely made a configuration error on your OpenVPN Cryptographic Settings section. If you have a different device to test your connection then it will tell you whether the issue is with the server or client.

I have a tutorial on this and even though it’s from 2020 it looks the same. Please note that at the 3:30 mark I meant to say "Leave it at the UDP default, not the TCP default."

I was using that tutorial. Not sure yet what I messed up. I’ll look again tonight.

I followed your tutorial exactly except for the naming. Still no joy.

Are you uninstalling the client and downloading the installer fresh via the “Client Export Utility” after each change?

Yes. And I rebuilt the server from scratch last night.

I just deleted the server, used the wizard to recreate it. I deleted the client from my laptop, cleared the old config, and exported the client with the new server config.

I tested by connecting my laptop to my hotspot and cannot connect. I get the same error.

Set your OpenVPN instance to listen on some interface other than WAN, then try connecting the laptop. Does it fail as well with the same error?
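
An added example, not from any poster in this thread: `unable to get local issuer certificate` at `depth=0` means the client could not find the issuer of the server certificate (`CN=internal-vpn`) among the CAs it trusts, so this sketch checks whether the CA embedded in an exported profile can verify the server certificate. It assumes the profile carries an inline `<ca>` block and that the server certificate has been exported separately in PEM form; the function names and file arguments are hypothetical.

```shell
#!/bin/sh
# Added example: does the CA inside an exported .ovpn profile verify the
# OpenVPN server certificate? File names passed in are placeholders.

# extract_inline_ca CONFIG
# Prints the PEM between <ca> and </ca>, stripping CRs from Windows exports.
extract_inline_ca() {
    tr -d '\r' < "$1" | sed -n '/^<ca>/,/^<\/ca>/p' \
        | sed -e '/^<ca>/d' -e '/^<\/ca>/d'
}

# ovpn_ca_check CONFIG SERVER_CERT
# Returns 0 if the server certificate chains to the profile's CA,
#         1 if verification fails (the condition behind the VERIFY ERROR),
#         2 if the profile has no inline <ca> certificate,
#         3 if a temporary file could not be created.
ovpn_ca_check() {
    cfg=$1
    srv=$2
    tmp=$(mktemp) || return 3
    extract_inline_ca "$cfg" > "$tmp"
    if ! grep -q 'BEGIN CERTIFICATE' "$tmp"; then
        rm -f "$tmp"
        return 2
    fi
    # Show both names so a mismatch is visible at a glance.
    echo "CA in profile: $(openssl x509 -in "$tmp" -noout -subject 2>/dev/null)"
    echo "Server issuer: $(openssl x509 -in "$srv" -noout -issuer 2>/dev/null)"
    if openssl verify -CAfile "$tmp" "$srv" >/dev/null 2>&1; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}
```

A return of 1 points at the profile and the server using different CAs; a return of 0 means the CA matches and the cause lies elsewhere.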