I have installed OpenVPN server 2.4.4 on a virtual Windows Server 2016 for testing purposes before embarking on setting up on our live network.
I used a combination of 3 how-to pages to set it up, one is the official OpenVPN one.
I have used easy-rsa to generate all the certificates and keys needed and I have also created a test client key/certificate set.
This has been stuffed into a client ovpn file like I have done many times before on Linux (this is my first time on Windows).
First test bombed:
To test this I have done like I always do, namely disconnect my Samsung Galaxy phone from WiFi so it enters the mobile network.
I have previously transferred the ovpn file using a USB connection and now on the phone in the OpenVPN-GUI app I have tried to import the profile.
But now I am getting a very strange error message on the phone, which I have never seen before:
I have checked the file and it looks all right to me. The only thing that comes to mind now is that the ovpn file was created on Windows and thus could have Windows line endings (CRLF) but is being used on an Android phone, which most likely uses only LF line endings. But the file turns out to use LF only as line ending..."Error parsing OpenVPN profile nameofclient.ovpn: option_error: option <ca> was not properly closed out"
So I cannot understand why it would be like this because there would be lots of people having my error but I found only two on Google and these were not resolved...
Here is the start of my ovpn file:
Code: Select all
client
dev tun
proto udp
remote vpn.xxxxxxx.com 1199
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
remote-cert-tls server
key-direction 1
cipher AES-256-CBC
comp-lzo
verb 3
mute 20
<ca>
-----BEGIN CERTIFICATE-----
MIIGpzCCBI+gAwIBAgIJAJgCPgFWo8l7MA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD
--- remainder of certificate ---
Elhszk8LpvUQPyyhJP0KskhUDx1dQ4jKfoEb
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIG6TCCBNGgAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMCVVMx
etc to the end
What can I look for in order to fix this problem?