Ios 16.5.1 and new OPENVPN beta, is my config file wrong?

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
OpenVpn Newbie
Posts: 2
Joined: Tue Jun 27, 2023 7:32 am

Ios 16.5.1 and new OPENVPN beta, is my config file wrong?

Post by scriiby » Tue Jun 27, 2023 9:18 am

I'm trying to connect to a azure VPN but I keep getting this error:

Code: Select all

PKey::parse_pem: error in private key:: error:0909006C:PEM routines:get_name:no start line
the certs are self-signed and i think the problem may come from the certifications which I don't really know how to setup correctly to be honest.

Code: Select all

remote azuregateway*******************************
remote-cert-tls server

dev tun
proto tcp
resolv-retry infinite

auth SHA256
cipher AES-256-GCM

tls-timeout 30
tls-version-min 1.2
key-direction 1

log openvpn.log
verb 3

# P2S CA root certificate


# Pre Shared Key
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----

# P2S client certificate
# Please fill this field with a PEM formatted client certificate
# Alternatively, configure 'cert PATH_TO_CLIENT_CERT' to use input from a PEM certificate file.


# P2S client certificate private key
# Please fill this field with a PEM formatted private key of the client certificate.
# Alternatively, configure 'key PATH_TO_CLIENT_KEY' to use input from a PEM key file.


this is my config file with the certificates deleted obviously... any help is appreciated

OpenVpn Newbie
Posts: 1
Joined: Tue Sep 12, 2023 2:50 pm

Re: Ios 16.5.1 and new OPENVPN beta, is my config file wrong?

Post by leland.ballard » Tue Sep 12, 2023 2:51 pm

Did you ever solve this? Having the same issue now as well with iOS. Thanks!

User avatar
OpenVPN Inc.
Posts: 1293
Joined: Tue Feb 16, 2021 10:41 am

Re: Ios 16.5.1 and new OPENVPN beta, is my config file wrong?

Post by openvpn_inc » Wed Oct 11, 2023 9:44 pm


At the bottom there is a section for <key> </key> that is supposed to contain the private key. A private key tends to begin with -----BEGIN PRIVATE KEY---- and not ----BEGIN CERTIFICATE-----. The difference is that a private key is a bit of unique cryptographic data, but a certificate contains things like common name, company name, organization name, and so on, and is signed by a CA with a signature. That is completely different.

Is this a copy/paste error or something? Because the <key> </key> section should never contain -----BEGIN CERTIFICATE----- or such. A certificate does not belong in that section. A private key belongs in that section.

Kind regards,
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system:

Post Reply