[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Update on openvpn

Just connected via the CLI, using "openvpn --config roadwarrior.ovpn". It works fine. SO, its Network Manager's ovpn module that is screwing something up. I meant to mention it earlier but i found a reference to some mailing list post that said that NM fails if it doesnt see the local cert as being "client" instead of "server". In looking at the contents of my local cert file I see :
X509v3 Extended Key Usage:
  TLS Web Client Authentication
X509v3 Key Usage:
   Digital Signature

so...I dunno. Its weird.

On 6/14/07, Tim Grossner <tim@grossner.net> wrote:
I know you guys are on the edge of your seats!

This is what my Ubuntu Network Manager openvpn client is seeing (i finally located the log):
I believe it to be a problem with the way that network-manager-openvpn reads the cert files.

 Jun 14 14:13:49 ACER nm-openvpn[9380]: OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Mar  2 2007
Jun 14 14:13:50 ACER nm-openvpn[9380]: UDPv4 link local: [undef]
Jun 14 14:13:50 ACER nm-openvpn[9380]: UDPv4 link remote: 69.179.188.54:1194
Jun 14 14:13:50 ACER nm-openvpn[9380]: TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Jun 14 14:13:50 ACER nm-openvpn[9380]: TLS Error: TLS object -> incoming plaintext read error
Jun 14 14:13:50 ACER nm-openvpn[9380]: TLS Error: TLS handshake failed
Jun 14 14:13:50 ACER nm-openvpn[9380]: SIGUSR1[soft,tls-error] received, process restarting
Jun 14 14:13:52 ACER nm-openvpn[9380]: Re-using SSL/TLS context
Jun 14 14:13:52 ACER nm-openvpn[9380]: UDPv4 link local: [undef]
Jun 14 14:13:52 ACER nm-openvpn[9380]: UDPv4 link remote: 69.179.188.54:1194
Jun 14 14:13:52 ACER nm-openvpn[9380]: TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Jun 14 14:13:52 ACER nm-openvpn[9380]: TLS Error: TLS object -> incoming plaintext read error
Jun 14 14:13:52 ACER nm-openvpn[9380]: TLS Error: TLS handshake failed
Jun 14 14:13:52 ACER nm-openvpn[9380]: SIGUSR1[soft,tls-error] received, process restarting
Jun 14 14:13:54 ACER nm-openvpn[9380]: Re-using SSL/TLS context
Jun 14 14:13:54 ACER nm-openvpn[9380]: UDPv4 link local: [undef]
Jun 14 14:13:54 ACER nm-openvpn[9380]: UDPv4 link remote: 69.179.188.54:1194
Jun 14 14:13:54 ACER nm-openvpn[9380]: TLS Error: Unroutable control packet received from 69.179.188.54:1194 (si=3 op=P_CONTROL_V1)
Jun 14 14:13:56 ACER nm-openvpn[9380]: TLS Error: Unroutable control packet received from 69.179.188.54:1194 (si=3 op=P_ACK_V1)
Jun 14 14:13:56 ACER nm-openvpn[9380]: TLS Error: Unroutable control packet received from 69.179.188.54:1194 (si=3 op=P_CONTROL_V1)
Jun 14 14:13:58 ACER nm-openvpn[9380]: TLS Error: Unroutable control packet received from 69.179.188.54:1194 (si=3 op=P_ACK_V1)
Jun 14 14:13:59 ACER nm-openvpn[9380]: SIGINT[hard,] received, process exiting


--
________________
Tim Grossner
tim@grossner.net
There is no place like ~/.



--
________________
Tim Grossner
tim@grossner.net
There is no place like ~/.