OpenVPN won't start, won't read conf file?

[kurt2439]

I install, putt my ca.crt, client1.crt and client1.key file into C:\program files (86)\openvpn\config. Then copy client.conf file into config and right clicking and say open openvpn with this config file. Get error message referencing a different .crt file than I specified in the client.conf. I have re-isntalled 3 times and used 2 different versions of openvpn. Completely deleted the folder structure after uninstalling. I don't get this

--client.ovpn--
client
dev tap
proto udp
remote hostsomewhere.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3

NOTE THE "cert client1.crt" line. Here is the output when I try and connect from gui, command line, or right clicking on the conf file

Thu Mar 01 19:57:01 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Thu Mar 01 19:57:01 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Mar 01 19:57:01 2012 Cannot load certificate file client.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Thu Mar 01 19:57:01 2012 Exiting

Can't load certificate file client.crt. Clearly I have expressed that I want to load client1.crt. What the ____ is going on?

I have this setup on another Win7 64bit machine and on linux. works fine there and was a breeze to setup. this is making me insane

[janjust]

you've used PuTTY to copy over the files - this probably caused Win7 to put the files in a virtual store (as Windows7 detects that PuTTY is not win7-aware and hence does this for you automagically). Open a Command prompt with elevated privileges, then CD to the

Code: Select all

c:\program files (x86)\openvpn\config

directory. Are the files still there?

Try copying over the config files to a temporary directory, then copy the files to the right location using Explorer.

[kurt2439]

I didn't know that about the virtual store, but that's not what's going on. I copied the files using cygwin to my cygwin home directory and then copied them using explorer. The files show up fine in the config directory. In a previous install I had spent some time changing permissions on the config directory to try and allow more access privileges since I had no idea what was going on, bu no luck. I deleted the config directory since then and re-installed.

What seems to be a real hint here is that the error message says cannot load "client.crt" when in my client.ovpn file I have expressed "cert client1.crt". It should be trying to load client1.crt NOT client.crt.

If I click "Edit Config" using the GUI tool it doesn't load my config file, but brings up what looks like the original client.ovpn file (which I have already deleted form the sample-configs file). It's almost impossible to read because it comes up in notepad. Is it silently failing to read my config file and so defaulting to some internal default? It shows all the comments and such so it seems like it is reading a file from somewhere...

[janjust]

when openvpn launches it switches to adminstrator mode with elevated privileges; open a command prompt or explorer window with similar privileges and check the config file and the cert/key files. The sample OpenVPN config files have UNIX linefeeds, so they look bad in notepad. It's better to edit them with something else - I'd even consider using wordpad

[kurt2439]

first of all THANK YOU. This was making me insane last night. And it is now fixed. When I did 'type client.ovpn' from an elevated command line instance, I saw that the file was different. I had been using textpad++ to edit the file previously, so I launched textpad++ with elevated permissions and got different file contents when I opened that file than if I launched it without elevated permissions. So, I edited it with elevated permissions and it worked fine when run from OpenVPN. phew...

But this is crazy -- what does the concept of a 'file' mean if it has completely different contents depending on your privileges? Two files in the same place? Is this because of the virtual file system you referenced in your original post? So I get a different folder mount when I view it (as a user with administrative access) in explorer as opposed to running a program as an administrator? I have never known about behavior like this before. Some anti virus protection I'm sure but very confusing!

[janjust]

But this is crazy -- what does the concept of a 'file' mean if it has completely different contents depending on your privileges? Two files in the same place? Is this because of the virtual file system you referenced in your original post? So I get a different folder mount when I view it (as a user with administrative access) in explorer as opposed to running a program as an administrator? I have never known about behavior like this before. Some anti virus protection I'm sure but very confusing!

I think it is called "virtual store" and it is a feature of Windows Vista/7 to protect users.... grin