[ask] TLS: tls_process: killed expiring key

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
JM
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 03, 2011 10:05 pm

[ask] TLS: tls_process: killed expiring key

Post by JM » Sat Apr 07, 2012 10:26 am

Sat Apr 07 15:59:40 2012 TLS: tls_process: killed expiring key
Sat Apr 07 15:59:55 2012 TLS: soft reset sec=0 bytes=2541980/0 pkts=15444/0
Sat Apr 07 16:00:02 2012 VERIFY OK: depth=1, /C=DE/ST=XXX/L=XXX/O=XXX-XXX/CN=XXX-XXX_CA/name=XXX/emailAddress=xxx@xxx.com
Sat Apr 07 16:00:02 2012 VERIFY OK: nsCertType=SERVER
Sat Apr 07 16:00:02 2012 VERIFY OK: depth=0, /C=DE/ST=XXX/L=XXX/O=XXX-XXX/CN=XXXyop/name=XXX/emailAddress=xxx@xxx.com
Sat Apr 07 16:00:11 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Apr 07 16:00:11 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 07 16:00:11 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Apr 07 16:00:11 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 07 16:00:11 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

Sat Apr 07 16:59:55 2012 TLS: tls_process: killed expiring key
Sat Apr 07 17:00:11 2012 TLS: soft reset sec=0 bytes=3076502/0 pkts=17046/0
Sat Apr 07 17:00:17 2012 VERIFY OK: depth=1, /C=DE/ST=XXX/L=XXX/O=XXX-XXX/CN=XXX-XXX_CA/name=XXX/emailAddress=xxx@xxx.com
Sat Apr 07 17:00:17 2012 VERIFY OK: nsCertType=SERVER
Sat Apr 07 17:00:17 2012 VERIFY OK: depth=0, /C=DE/ST=XXX/L=XXX/O=XXX-XXX/CN=XXXyop/name=XXX/emailAddress=xxx@xxx.com
Sat Apr 07 17:00:26 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Apr 07 17:00:26 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 07 17:00:26 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Apr 07 17:00:26 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 07 17:00:26 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
what mean TLS: tls_process: killed expiring key? does not encyrpt? how to solve it?
Top
User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:
Contact janjust

Re: [ask] TLS: tls_process: killed expiring key

Post by janjust » Sat Apr 07, 2012 9:08 pm

encryption is still functional, but there is a minor problem when rekeying ; this message can occur when rekeying does not succeed the first time (usually 3600 seconds after starting the VPN tunnel). Check the 'reneg-*' settings in the manual page for more details.
Top
JM
OpenVpn Newbie
Posts: 5
Joined: Thu Nov 03, 2011 10:05 pm

Re: [ask] TLS: tls_process: killed expiring key

Post by JM » Sun Apr 08, 2012 12:04 am

janjust wrote:encryption is still functional, but there is a minor problem when rekeying ; this message can occur when rekeying does not succeed the first time (usually 3600 seconds after starting the VPN tunnel). Check the 'reneg-*' settings in the manual page for more details.
ImageImageImageImage
i see i see, thank you for help
Top
Post Reply

Return to “Scripting and Customizations”