Can't load inline certificate error on Mac

Scripts to manage certificates or generate config files

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
EricRFMA
OpenVpn Newbie
Posts: 1
Joined: Sat Dec 13, 2014 4:44 am

Can't load inline certificate error on Mac

Post by EricRFMA » Sat Dec 13, 2014 4:56 am

(I wasn't sure where to post this, since there doesn't seem to be a topic anywhere for client connections issues, so hopefully this will be ok...)

I'm on Mac OS 10.9.5, with the latest Tunnelblick (Tunnelblick 3.4.2 (build 4055.4161))

This is my first time trying to use OpenVPN on my Mac. The .ovpn file was supplied by my company.

When I try to connect, I see this in the log:

Code: Select all

2014-12-12 23:38:00 us=415541 OpenVPN 2.3.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Dec  1 2014
2014-12-12 23:38:00 us=415557 library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.08
2014-12-12 23:38:00 us=416886 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2014-12-12 23:38:00 us=418469 Need hold release from management interface, waiting...
2014-12-12 23:38:00 us=572040 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2014-12-12 23:38:00 us=577157 MANAGEMENT: CMD 'pid'
2014-12-12 23:38:00 us=577496 MANAGEMENT: CMD 'state on'
2014-12-12 23:38:00 us=577758 MANAGEMENT: CMD 'state'
2014-12-12 23:38:00 us=578030 MANAGEMENT: CMD 'bytecount 1'
2014-12-12 23:38:00 us=578267 MANAGEMENT: CMD 'hold release'
2014-12-12 23:38:00 us=578828 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2014-12-12 23:38:00 us=579089 PLUGIN_INIT: POST /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.6/openvpn-down-root.so '[/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.6/openvpn-down-root.so] [/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh] [-m] [-w] [-d] [-f] [-ptADGNWradsgnw]' intercepted=PLUGIN_UP|PLUGIN_DOWN 
2014-12-12 23:38:00 us=580134 MANAGEMENT: Client disconnected
2014-12-12 23:38:00 us=580369 Cannot load inline certificate file: error:0906D06C:PEM routines:PEM_read_bio:no start line: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
2014-12-12 23:38:00 us=580571 Exiting due to fatal error
The inline certs are bracketed with these lines:

Code: Select all

cipher DES-EDE3-CBC  # Triple-DES
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,F43854D128CA1D3A
...
-----END RSA PRIVATE KEY-----
</key>
Can anyone help?

Thanks!

-Eric
Top
Post Reply

Return to “Cert / Config management”