I have a Cisco e4200 with tomato-E4200USB-NVRAM60K-1.28.RT-N5x-MIPSR2-123-AIO.bin installed.
The problem is that I can't start the OpenVPN client, the logs shows this error measage:
Nov 8 17:41:33 unknown daemon.notice openvpn[12826]: OpenVPN 2.3.4 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 14 2014
Nov 8 17:41:33 unknown daemon.notice openvpn[12826]: library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.06
Nov 8 17:41:33 unknown daemon.warn openvpn[12826]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Nov 8 17:41:33 unknown daemon.warn openvpn[12826]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 8 17:41:33 unknown daemon.err openvpn[12826]: Error: private key password verification failed
Nov 8 17:41:33 unknown daemon.notice openvpn[12826]: Exiting due to fatal error
I used this tutorial to create the certificates: http://uwnthesis.wordpress.com/2013/09/ ... n-windows/
I tried to create the client keys without entering a PEM pass phrase but it errors out and does not create the key files.
What could be the problem?
Client - Error: private key password verification failed
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Nov 09, 2014 10:49 am
Client - Error: private key password verification failed
Last edited by debbie10t on Thu Nov 13, 2014 3:50 pm, edited 1 time in total.
Reason: Title clarity
Reason: Title clarity
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Can't start OpenVPN Clinet
On that HOWTO it says:.09. wrote:I used this tutorial to create the certificates: http://uwnthesis.wordpress.com/2013/09/ ... n-windows/
You will have to remake your client key without a challenge password.Step 6 – Build your Client Key (repeat for each vpn client)
- In the same command prompt type build-key vpnclient1.
Enter client password
Enter Common name eg vpnclient1
Enter a client challenge password
Enter Variables for client
Sign = Y
Commit =Y
-
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Nov 09, 2014 10:49 am
Re: Can't start OpenVPN Clinet
Thank you for your help.
I tried to build the client key without the client challenge password but I still get the same error in the logs and I can't start OpenVPN. Any other ideas?
Nov 13 08:26:46 unknown daemon.err openvpn[4100]: Error: private key password verification failed
I tried to build the client key without the client challenge password but I still get the same error in the logs and I can't start OpenVPN. Any other ideas?
Nov 13 08:26:46 unknown daemon.err openvpn[4100]: Error: private key password verification failed
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Can't start OpenVPN Clinet
Did you also recreate your server key without the password ?
-
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Nov 09, 2014 10:49 am
Re: Can't start OpenVPN Clinet
Yes, I also recreated the server key without a password.
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Client - Error: private key password verification failed
So what is this error .. And how did you subsequently re-create your client cert/key ?.09. wrote:I tried to create the client keys without entering a PEM pass phrase but it errors out and does not create the key files
You may also want to try: EasyRSA3-rc2:
https://github.com/OpenVPN/easy-rsa/releases
If you use that tool when you create your server/client key add the nopass option.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Nov 09, 2014 10:49 am
Re: Client - Error: private key password verification failed
I managed to solve this. I created the client key with a PEM pass phrase and then removed the password with:
Thank you for your help!
Code: Select all
openssl.exe rsa -in "C:\Path\to\your.key" -out "C:\Path\to\your.key"