Opened 12 days ago

Last modified 8 hours ago

#5923 reopened

r33080+ builds ovnp server & client / openSSL error

Reported by: mrjcd Owned by:
Keywords: Cc:

Description

Installed over previous working ovpn server 2.4.3 and also tried reset recofig using different keys.
Happens with r33080 on both WNDR3700v4 & EA8500
Same errors on both routers -

Aug  9 14:08:06 -- user.info : WAN is up. IP: xx.xx.xx.xx
Aug  9 14:08:06 -- user.info : openvpn : OpenVPN daemon (Server) starting/restarting...
Aug  9 14:08:06 -- daemon.notice openvpn[3440]: OpenVPN 2.4.3 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Aug  9 2017
Aug  9 14:08:06 -- daemon.notice openvpn[3440]: library versions: OpenSSL 1.1.0f  25 May 2017, LZO 2.09
Aug  9 14:08:06 -- daemon.notice openvpn[3442]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:14
Aug  9 14:08:06 -- daemon.warn openvpn[3442]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug  9 14:08:06 -- daemon.notice openvpn[3442]: Diffie-Hellman initialized with 2048 bit key
Aug  9 14:08:06 -- daemon.err openvpn[3442]: OpenSSL: error:140AB18E:lib(20):func(171):reason(398)
Aug  9 14:08:06 -- daemon.err openvpn[3442]: Cannot load certificate file /tmp/openvpn/cert.pem
Aug  9 14:08:06 -- daemon.notice openvpn[3442]: Exiting due to fatal error

The rest of r33080 looks good.. :-)

Change History (8)

comment:1 Changed 11 days ago by mrjcd

Remains broken in r33088

comment:2 Changed 9 days ago by mrjcd

Summary: r33080 openVPN server / openSSL errorr33080+ builds openVPN server / openSSL error

remains broke with r33140

comment:3 Changed 8 days ago by mrjcd

Summary: r33080+ builds openVPN server / openSSL errorr33080+ builds ovnp server & client / openSSL error

comment:4 Changed 7 days ago by mrjcd

Same error remains w/r33165. Checked using WRT160NL
NOTE: r33165 .bin for wndr3700v4 only 16.1 MB -- too small won't install

comment:5 Changed 6 days ago by mrjcd

Remains with r33167

Aug 16 00:30:13 WRT160NL-ovpnSer daemon.notice openvpn[1048]: Diffie-Hellman initialized with 1024 bit key
Aug 16 00:30:13 WRT160NL-ovpnSer daemon.err openvpn[1048]: OpenSSL: error:140AB18E:lib(20):func(171):reason(398)
Aug 16 00:30:13 WRT160NL-ovpnSer daemon.err openvpn[1048]: Cannot load certificate file /tmp/openvpn/cert.pem
Aug 16 00:30:13 WRT160NL-ovpnSer daemon.notice openvpn[1048]: Exiting due to fatal error

-------

Aug 16 00:36:07 EA8500-openVPN daemon.notice openvpn[1910]: Diffie-Hellman initialized with 2048 bit key
Aug 16 00:36:07 EA8500-openVPN daemon.err openvpn[1910]: OpenSSL: error:140AB18E:lib(20):func(171):reason(398)
Aug 16 00:36:07 EA8500-openVPN daemon.notice openvpn[1910]: Exiting due to fatal error

-------

Aug 16 01:29:18 WNDR3700v4-ovpnClient user.info : openvpn : OpenVPN daemon (Client) starting/restarting...
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.warn openvpn[1193]: WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.notice openvpn[1193]: OpenVPN 2.4.3 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Aug 15 2017
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.notice openvpn[1193]: library versions: OpenSSL 1.1.0f 25 May 2017, LZO 2.09
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.notice openvpn[1195]: MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.warn openvpn[1195]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.warn openvpn[1195]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.err openvpn[1195]: Cannot load certificate file /tmp/openvpncl/client.crt
Aug 16 01:29:18 WNDR3700v4-ovpnClient daemon.notice openvpn[1195]: Exiting due to fatal error

comment:6 Changed 4 days ago by mrjcd

Resolution: provide more info and reopen
Status: newclosed

comment:7 Changed 4 days ago by mrjcd

Resolution: provide more info and reopen
Status: closedreopened

remains broken with r33169

comment:8 Changed 8 hours ago by mrjcd

same error in r33179

Note: See TracTickets for help on using tickets.