Can somebody help me work out whats wrong all users cant connect anymore all of a sudden - this has worked for over a year then stopped - open vpn is running from a synology and is turned on and no firewall rules changed, could it be an expired cert and if so how might i fix this if this looks like the issue? thanks
Fri Oct 01 13:53:09 2021 SIGUSR1[soft,tls-error] received, process restarting
Fri Oct 01 13:53:14 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Oct 01 13:53:15 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]81.106.156.151:1194
Fri Oct 01 13:53:15 2021 UDP link local (bound): [AF_INET][undef]:1194
Fri Oct 01 13:53:15 2021 UDP link remote: [AF_INET]81.106.156.151:1194
Fri Oct 01 13:53:15 2021 VERIFY ERROR: depth=2, error=certificate has expired: O=Digital Signature Trust Co., CN=DST Root CA X3
Fri Oct 01 13:53:15 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Oct 01 13:53:15 2021 TLS_ERROR: BIO read tls_read_plaintext error
Fri Oct 01 13:53:15 2021 TLS Error: TLS object -> incoming plaintext read error
Fri Oct 01 13:53:15 2021 TLS Error: TLS handshake failed
Fri Oct 01 13:53:15 2021 SIGUSR1[soft,tls-error] received, process restarting
Fri Oct 01 13:53:20 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Oct 01 13:53:20 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]81.106.156.151:1194
Fri Oct 01 13:53:20 2021 UDP link local (bound): [AF_INET][undef]:1194
Fri Oct 01 13:53:20 2021 UDP link remote: [AF_INET]81.106.156.151:1194
Fri Oct 01 13:53:20 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_ACK_V1)
Fri Oct 01 13:53:22 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_CONTROL_V1)
Fri Oct 01 13:53:24 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_CONTROL_V1)
Fri Oct 01 13:53:26 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_CONTROL_V1)
Fri Oct 01 13:53:26 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_ACK_V1)
Fri Oct 01 13:53:27 2021 TLS Error: Unroutable control packet received from [AF_INET]81.106.156.151:1194 (si=3 op=P_CONTROL_V1)
Openvpn just stopped
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: Openvpn just stopped
Fri Oct 01 13:53:15 2021 VERIFY ERROR: depth=2, error=certificate has expired: O=Digital Signature Trust Co., CN=DST Root CA X3
You need to setup new CA and everything from new . All client and server will not work anymore . There is no way to fix this
You need to setup new CA and everything from new . All client and server will not work anymore . There is no way to fix this
-
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jan 15, 2021 3:28 pm
Re: Openvpn just stopped
how do i even do that - cant remember from the last time - btw really appreciate your help
-
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jan 15, 2021 3:28 pm
Re: Openvpn just stopped
Certificate looks good until 29th of December this year
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: Openvpn just stopped
By the way do you know which certificate valid until 29 of December? There are two certificate if one of them expired so openvpn not work
There are client certificate. CA certificate server certificate so it tell on log CA is end of its life so you need fresh making the whole new CA and update all certificates on your system .
Can you check CA certificate and client certificate
server certificate and post in here.
There are client certificate. CA certificate server certificate so it tell on log CA is end of its life so you need fresh making the whole new CA and update all certificates on your system .
Can you check CA certificate and client certificate
server certificate and post in here.
-
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jan 15, 2021 3:28 pm
Re: Openvpn just stopped
Hi i only checked the cert on the synology but I am wondering if the cert ever worked - I always got a cert error but the client still connecting to the server