TLS handshake fails after setting up keys

Posted: Sun Jul 12, 2015 10:08 am
by henryarroyo
I'm trying to set up OpenVPN on dd-wrt using a windows machine to set up the certs on the client side. I go through the following to set up the certs:

Code:

init-config
clean-all
build-ca
build-key
build-key-server
build-dh

I verified the certs and got an okay on them

Code:

c:\Program Files\OpenVPN\config>openssl verify -CAfile ca.crt router.crt
WARNING: can't open config file: /etc/ssl/openssl.cnf
router.crt: OK

c:\Program Files\OpenVPN\config>openssl verify -CAfile ca.crt ace.crt
WARNING: can't open config file: /etc/ssl/openssl.cnf
ace.crt: OK

I copied the ca.crt and ace.crt (client cert) over to the config folder, but when I try to connect using my client cert, TLS fails as follows

Code:

Sat Jul 11 23:43:35 2015 us=567623 Current Parameter Settings:
Sat Jul 11 23:43:35 2015 us=568623   config = 'client.ovpn'
Sat Jul 11 23:43:35 2015 us=568623   mode = 0
Sat Jul 11 23:43:35 2015 us=568623   show_ciphers = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   show_digests = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   show_engines = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   genkey = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   key_pass_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   show_tls_ciphers = DISABLED
Sat Jul 11 23:43:35 2015 us=568623 Connection profiles [default]:
Sat Jul 11 23:43:35 2015 us=568623   proto = tcp-client
Sat Jul 11 23:43:35 2015 us=568623   local = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   local_port = 0
Sat Jul 11 23:43:35 2015 us=568623   remote = 'gateway.arroyo.house'
Sat Jul 11 23:43:35 2015 us=568623   remote_port = 1194
Sat Jul 11 23:43:35 2015 us=568623   remote_float = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   bind_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   bind_local = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   connect_retry_seconds = 5
Sat Jul 11 23:43:35 2015 us=568623   connect_timeout = 10
Sat Jul 11 23:43:35 2015 us=568623   connect_retry_max = 0
Sat Jul 11 23:43:35 2015 us=568623   socks_proxy_server = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   socks_proxy_port = 0
Sat Jul 11 23:43:35 2015 us=568623   socks_proxy_retry = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   tun_mtu = 1500
Sat Jul 11 23:43:35 2015 us=568623   tun_mtu_defined = ENABLED
Sat Jul 11 23:43:35 2015 us=568623   link_mtu = 1500
Sat Jul 11 23:43:35 2015 us=568623   link_mtu_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   tun_mtu_extra = 0
Sat Jul 11 23:43:35 2015 us=568623   tun_mtu_extra_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   mtu_discover_type = -1
Sat Jul 11 23:43:35 2015 us=568623   fragment = 0
Sat Jul 11 23:43:35 2015 us=568623   mssfix = 1450
Sat Jul 11 23:43:35 2015 us=568623   explicit_exit_notification = 0
Sat Jul 11 23:43:35 2015 us=568623 Connection profiles END
Sat Jul 11 23:43:35 2015 us=568623   remote_random = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   ipchange = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   dev = 'tun'
Sat Jul 11 23:43:35 2015 us=568623   dev_type = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   dev_node = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   lladdr = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   topology = 1
Sat Jul 11 23:43:35 2015 us=568623   tun_ipv6 = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_local = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_remote_netmask = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_noexec = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_nowarn = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_ipv6_local = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_ipv6_netbits = 0
Sat Jul 11 23:43:35 2015 us=568623   ifconfig_ipv6_remote = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   shaper = 0
Sat Jul 11 23:43:35 2015 us=568623   mtu_test = 0
Sat Jul 11 23:43:35 2015 us=568623   mlock = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   keepalive_ping = 0
Sat Jul 11 23:43:35 2015 us=568623   keepalive_timeout = 0
Sat Jul 11 23:43:35 2015 us=568623   inactivity_timeout = 0
Sat Jul 11 23:43:35 2015 us=568623   ping_send_timeout = 0
Sat Jul 11 23:43:35 2015 us=568623   ping_rec_timeout = 0
Sat Jul 11 23:43:35 2015 us=568623   ping_rec_timeout_action = 0
Sat Jul 11 23:43:35 2015 us=568623   ping_timer_remote = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   remap_sigusr1 = 0
Sat Jul 11 23:43:35 2015 us=568623   persist_tun = ENABLED
Sat Jul 11 23:43:35 2015 us=568623   persist_local_ip = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   persist_remote_ip = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   persist_key = ENABLED
Sat Jul 11 23:43:35 2015 us=568623   passtos = DISABLED
Sat Jul 11 23:43:35 2015 us=568623   resolve_retry_seconds = 1000000000
Sat Jul 11 23:43:35 2015 us=568623   username = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   groupname = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   chroot_dir = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   cd_dir = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   writepid = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   up_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   down_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=568623   down_pre = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   up_restart = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   up_delay = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   daemon = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   inetd = 0
Sat Jul 11 23:43:35 2015 us=569623   log = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   suppress_timestamps = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   nice = 0
Sat Jul 11 23:43:35 2015 us=569623   verbosity = 4
Sat Jul 11 23:43:35 2015 us=569623   mute = 0
Sat Jul 11 23:43:35 2015 us=569623   status_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   status_file_version = 1
Sat Jul 11 23:43:35 2015 us=569623   status_file_update_freq = 60
Sat Jul 11 23:43:35 2015 us=569623   occ = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   rcvbuf = 0
Sat Jul 11 23:43:35 2015 us=569623   sndbuf = 0
Sat Jul 11 23:43:35 2015 us=569623   sockflags = 0
Sat Jul 11 23:43:35 2015 us=569623   fast_io = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   lzo = 7
Sat Jul 11 23:43:35 2015 us=569623   route_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   route_default_gateway = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   route_default_metric = 0
Sat Jul 11 23:43:35 2015 us=569623   route_noexec = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   route_delay = 5
Sat Jul 11 23:43:35 2015 us=569623   route_delay_window = 30
Sat Jul 11 23:43:35 2015 us=569623   route_delay_defined = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   route_nopull = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   route_gateway_via_dhcp = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   max_routes = 100
Sat Jul 11 23:43:35 2015 us=569623   allow_pull_fqdn = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   management_addr = '127.0.0.1'
Sat Jul 11 23:43:35 2015 us=569623   management_port = 25340
Sat Jul 11 23:43:35 2015 us=569623   management_user_pass = 'stdin'
Sat Jul 11 23:43:35 2015 us=569623   management_log_history_cache = 250
Sat Jul 11 23:43:35 2015 us=569623   management_echo_buffer_size = 100
Sat Jul 11 23:43:35 2015 us=569623   management_write_peer_info_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   management_client_user = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   management_client_group = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   management_flags = 6
Sat Jul 11 23:43:35 2015 us=569623   shared_secret_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   key_direction = 0
Sat Jul 11 23:43:35 2015 us=569623   ciphername_defined = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   ciphername = 'AES-128-CBC'
Sat Jul 11 23:43:35 2015 us=569623   authname_defined = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   authname = 'SHA1'
Sat Jul 11 23:43:35 2015 us=569623   prng_hash = 'SHA1'
Sat Jul 11 23:43:35 2015 us=569623   prng_nonce_secret_len = 16
Sat Jul 11 23:43:35 2015 us=569623   keysize = 0
Sat Jul 11 23:43:35 2015 us=569623   engine = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   replay = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   mute_replay_warnings = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   replay_window = 64
Sat Jul 11 23:43:35 2015 us=569623   replay_time = 15
Sat Jul 11 23:43:35 2015 us=569623   packet_id_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   use_iv = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   test_crypto = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   tls_server = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   tls_client = ENABLED
Sat Jul 11 23:43:35 2015 us=569623   key_method = 2
Sat Jul 11 23:43:35 2015 us=569623   ca_file = 'ca.crt'
Sat Jul 11 23:43:35 2015 us=569623   ca_path = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   dh_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   cert_file = 'ace.crt'
Sat Jul 11 23:43:35 2015 us=569623   priv_key_file = 'ace.key'
Sat Jul 11 23:43:35 2015 us=569623   pkcs12_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   cryptoapi_cert = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   cipher_list = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   tls_verify = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   tls_export_cert = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   verify_x509_type = 0
Sat Jul 11 23:43:35 2015 us=569623   verify_x509_name = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   crl_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   ns_cert_type = 1
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_ku[i] = 0
Sat Jul 11 23:43:35 2015 us=569623   remote_cert_eku = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=569623   ssl_flags = 0
Sat Jul 11 23:43:35 2015 us=569623   tls_timeout = 2
Sat Jul 11 23:43:35 2015 us=569623   renegotiate_bytes = 0
Sat Jul 11 23:43:35 2015 us=569623   renegotiate_packets = 0
Sat Jul 11 23:43:35 2015 us=569623   renegotiate_seconds = 3600
Sat Jul 11 23:43:35 2015 us=569623   handshake_window = 60
Sat Jul 11 23:43:35 2015 us=569623   transition_window = 3600
Sat Jul 11 23:43:35 2015 us=569623   single_session = DISABLED
Sat Jul 11 23:43:35 2015 us=569623   push_peer_info = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   tls_exit = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   tls_auth_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_protected_authentication = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_private_mode = 00000000
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_cert_private = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_pin_cache_period = -1
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_id = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=570623   pkcs11_id_management = DISABLED
Sat Jul 11 23:43:35 2015 us=570623   server_network = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=570623   server_netmask = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   server_network_ipv6 = ::
Sat Jul 11 23:43:35 2015 us=571623   server_netbits_ipv6 = 0
Sat Jul 11 23:43:35 2015 us=571623   server_bridge_ip = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   server_bridge_netmask = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   server_bridge_pool_start = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   server_bridge_pool_end = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_start = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_end = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_netmask = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_persist_filename = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_pool_persist_refresh_freq = 600
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_ipv6_pool_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_ipv6_pool_base = ::
Sat Jul 11 23:43:35 2015 us=571623   ifconfig_ipv6_pool_netbits = 0
Sat Jul 11 23:43:35 2015 us=571623   n_bcast_buf = 256
Sat Jul 11 23:43:35 2015 us=571623   tcp_queue_limit = 64
Sat Jul 11 23:43:35 2015 us=571623   real_hash_size = 256
Sat Jul 11 23:43:35 2015 us=571623   virtual_hash_size = 256
Sat Jul 11 23:43:35 2015 us=571623   client_connect_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   learn_address_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   client_disconnect_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   client_config_dir = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   ccd_exclusive = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   tmp_dir = 'C:\Users\Henry\AppData\Local\Temp\'
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_local = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_remote_netmask = 0.0.0.0
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_ipv6_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_ipv6_local = ::/0
Sat Jul 11 23:43:35 2015 us=571623   push_ifconfig_ipv6_remote = ::
Sat Jul 11 23:43:35 2015 us=571623   enable_c2c = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   duplicate_cn = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   cf_max = 0
Sat Jul 11 23:43:35 2015 us=571623   cf_per = 0
Sat Jul 11 23:43:35 2015 us=571623   max_clients = 1024
Sat Jul 11 23:43:35 2015 us=571623   max_routes_per_client = 256
Sat Jul 11 23:43:35 2015 us=571623   auth_user_pass_verify_script = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   auth_user_pass_verify_script_via_file = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   client = ENABLED
Sat Jul 11 23:43:35 2015 us=571623   pull = ENABLED
Sat Jul 11 23:43:35 2015 us=571623   auth_user_pass_file = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   show_net_up = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   route_method = 0
Sat Jul 11 23:43:35 2015 us=571623   ip_win32_defined = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   ip_win32_type = 3
Sat Jul 11 23:43:35 2015 us=571623   dhcp_masq_offset = 0
Sat Jul 11 23:43:35 2015 us=571623   dhcp_lease_time = 31536000
Sat Jul 11 23:43:35 2015 us=571623   tap_sleep = 0
Sat Jul 11 23:43:35 2015 us=571623   dhcp_options = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   dhcp_renew = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   dhcp_pre_release = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   dhcp_release = DISABLED
Sat Jul 11 23:43:35 2015 us=571623   domain = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   netbios_scope = '[UNDEF]'
Sat Jul 11 23:43:35 2015 us=571623   netbios_node_type = 0
Sat Jul 11 23:43:35 2015 us=571623   disable_nbt = DISABLED
Sat Jul 11 23:43:35 2015 us=571623 OpenVPN 2.3.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Apr 14 2014
Enter Management Password:
Sat Jul 11 23:43:35 2015 us=572623 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Jul 11 23:43:35 2015 us=572623 Need hold release from management interface, waiting...
Sat Jul 11 23:43:36 2015 us=44650 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Jul 11 23:43:36 2015 us=144656 MANAGEMENT: CMD 'state on'
Sat Jul 11 23:43:36 2015 us=144656 MANAGEMENT: CMD 'log all on'
Sat Jul 11 23:43:36 2015 us=201659 MANAGEMENT: CMD 'hold off'
Sat Jul 11 23:43:36 2015 us=202659 MANAGEMENT: CMD 'hold release'
Sat Jul 11 23:43:36 2015 us=335667 LZO compression initialized
Sat Jul 11 23:43:36 2015 us=335667 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jul 11 23:43:36 2015 us=335667 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Jul 11 23:43:36 2015 us=335667 MANAGEMENT: >STATE:1436694216,RESOLVE,,,
Sat Jul 11 23:43:36 2015 us=340667 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 11 23:43:36 2015 us=341667 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Jul 11 23:43:36 2015 us=341667 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Jul 11 23:43:36 2015 us=341667 Local Options hash (VER=V4): 'bc07730e'
Sat Jul 11 23:43:36 2015 us=341667 Expected Remote Options hash (VER=V4): 'b695cb4a'
Sat Jul 11 23:43:36 2015 us=341667 Attempting to establish TCP connection with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:36 2015 us=341667 MANAGEMENT: >STATE:1436694216,TCP_CONNECT,,,
Sat Jul 11 23:43:36 2015 us=342667 TCP connection established with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:36 2015 us=342667 TCPv4_CLIENT link local: [undef]
Sat Jul 11 23:43:36 2015 us=342667 TCPv4_CLIENT link remote: [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:36 2015 us=342667 MANAGEMENT: >STATE:1436694216,WAIT,,,
Sat Jul 11 23:43:36 2015 us=351668 MANAGEMENT: >STATE:1436694216,AUTH,,,
Sat Jul 11 23:43:36 2015 us=351668 TLS: Initial packet from [AF_INET]192.168.1.1:1194, sid=14bd6226 2c2b1670
Sat Jul 11 23:43:36 2015 us=819694 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=HI, L=Wailuku, O=arroyo.house, OU=HOME, CN=gateway, name=arroyo.house, emailAddress=henryarroyo@gmail.com
Sat Jul 11 23:43:36 2015 us=819694 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sat Jul 11 23:43:36 2015 us=820694 TLS Error: TLS object -> incoming plaintext read error
Sat Jul 11 23:43:36 2015 us=820694 TLS Error: TLS handshake failed
Sat Jul 11 23:43:36 2015 us=820694 Fatal TLS error (check_tls_errors_co), restarting
Sat Jul 11 23:43:36 2015 us=820694 TCP/UDP: Closing socket
Sat Jul 11 23:43:36 2015 us=820694 SIGUSR1[soft,tls-error] received, process restarting
Sat Jul 11 23:43:36 2015 us=820694 MANAGEMENT: >STATE:1436694216,RECONNECTING,tls-error,,
Sat Jul 11 23:43:36 2015 us=820694 Restart pause, 5 second(s)
Sat Jul 11 23:43:41 2015 us=820980 Re-using SSL/TLS context
Sat Jul 11 23:43:41 2015 us=820980 LZO compression initialized
Sat Jul 11 23:43:41 2015 us=820980 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jul 11 23:43:41 2015 us=820980 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Jul 11 23:43:41 2015 us=820980 MANAGEMENT: >STATE:1436694221,RESOLVE,,,
Sat Jul 11 23:43:41 2015 us=825981 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 11 23:43:41 2015 us=825981 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Jul 11 23:43:41 2015 us=825981 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Jul 11 23:43:41 2015 us=825981 Local Options hash (VER=V4): 'bc07730e'
Sat Jul 11 23:43:41 2015 us=825981 Expected Remote Options hash (VER=V4): 'b695cb4a'
Sat Jul 11 23:43:41 2015 us=825981 Attempting to establish TCP connection with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:41 2015 us=825981 MANAGEMENT: >STATE:1436694221,TCP_CONNECT,,,
Sat Jul 11 23:43:41 2015 us=827981 TCP connection established with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:41 2015 us=827981 TCPv4_CLIENT link local: [undef]
Sat Jul 11 23:43:41 2015 us=827981 TCPv4_CLIENT link remote: [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:41 2015 us=827981 MANAGEMENT: >STATE:1436694221,WAIT,,,
Sat Jul 11 23:43:41 2015 us=853982 MANAGEMENT: >STATE:1436694221,AUTH,,,
Sat Jul 11 23:43:41 2015 us=854982 TLS: Initial packet from [AF_INET]192.168.1.1:1194, sid=e2c6ac51 ac284575
Sat Jul 11 23:43:42 2015 us=352011 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=HI, L=Wailuku, O=arroyo.house, OU=HOME, CN=gateway, name=arroyo.house, emailAddress=henryarroyo@gmail.com
Sat Jul 11 23:43:42 2015 us=352011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sat Jul 11 23:43:42 2015 us=353011 TLS Error: TLS object -> incoming plaintext read error
Sat Jul 11 23:43:42 2015 us=353011 TLS Error: TLS handshake failed
Sat Jul 11 23:43:42 2015 us=353011 Fatal TLS error (check_tls_errors_co), restarting
Sat Jul 11 23:43:42 2015 us=353011 TCP/UDP: Closing socket
Sat Jul 11 23:43:42 2015 us=353011 SIGUSR1[soft,tls-error] received, process restarting
Sat Jul 11 23:43:42 2015 us=353011 MANAGEMENT: >STATE:1436694222,RECONNECTING,tls-error,,
Sat Jul 11 23:43:42 2015 us=353011 Restart pause, 5 second(s)
Sat Jul 11 23:43:47 2015 us=353297 Re-using SSL/TLS context
Sat Jul 11 23:43:47 2015 us=353297 LZO compression initialized
Sat Jul 11 23:43:47 2015 us=353297 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jul 11 23:43:47 2015 us=353297 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Jul 11 23:43:47 2015 us=353297 MANAGEMENT: >STATE:1436694227,RESOLVE,,,
Sat Jul 11 23:43:47 2015 us=364297 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 11 23:43:47 2015 us=364297 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Jul 11 23:43:47 2015 us=364297 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Jul 11 23:43:47 2015 us=364297 Local Options hash (VER=V4): 'bc07730e'
Sat Jul 11 23:43:47 2015 us=364297 Expected Remote Options hash (VER=V4): 'b695cb4a'
Sat Jul 11 23:43:47 2015 us=364297 Attempting to establish TCP connection with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:47 2015 us=364297 MANAGEMENT: >STATE:1436694227,TCP_CONNECT,,,
Sat Jul 11 23:43:47 2015 us=366298 TCP connection established with [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:47 2015 us=366298 TCPv4_CLIENT link local: [undef]
Sat Jul 11 23:43:47 2015 us=366298 TCPv4_CLIENT link remote: [AF_INET]192.168.1.1:1194
Sat Jul 11 23:43:47 2015 us=366298 MANAGEMENT: >STATE:1436694227,WAIT,,,
Sat Jul 11 23:43:47 2015 us=375298 MANAGEMENT: >STATE:1436694227,AUTH,,,
Sat Jul 11 23:43:47 2015 us=375298 TLS: Initial packet from [AF_INET]192.168.1.1:1194, sid=90e14f09 2fb4b315
Sat Jul 11 23:43:47 2015 us=721318 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=HI, L=Wailuku, O=arroyo.house, OU=HOME, CN=gateway, name=arroyo.house, emailAddress=henryarroyo@gmail.com
Sat Jul 11 23:43:47 2015 us=721318 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sat Jul 11 23:43:47 2015 us=721318 TLS Error: TLS object -> incoming plaintext read error
Sat Jul 11 23:43:47 2015 us=721318 TLS Error: TLS handshake failed
Sat Jul 11 23:43:47 2015 us=721318 Fatal TLS error (check_tls_errors_co), restarting
Sat Jul 11 23:43:47 2015 us=721318 TCP/UDP: Closing socket
Sat Jul 11 23:43:47 2015 us=722318 SIGUSR1[soft,tls-error] received, process restarting
Sat Jul 11 23:43:47 2015 us=722318 MANAGEMENT: >STATE:1436694227,RECONNECTING,tls-error,,
Sat Jul 11 23:43:47 2015 us=722318 Restart pause, 5 second(s)
Sat Jul 11 23:43:48 2015 us=722375 SIGTERM[hard,init_instance] received, process exiting
Sat Jul 11 23:43:48 2015 us=722375 MANAGEMENT: >STATE:1436694228,EXITING,init_instance,,

I'm stumped on this one. I have tried to wipe all of the previous certs, making sure to run init-config and clean-all before editing vars.bat, as well as removing the old cert files from the config directory and starting the process all over again.

Any ideas?

Re: TLS handshake fails after setting up keys

Posted: Sun Jul 12, 2015 3:36 pm
by maikcat
Post configs and server-side logs.

Michael.
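
An added example, not part of either post: a small Python parser that pulls the `VERIFY ERROR` and OpenSSL `error:` lines out of a client log in the format shown above and groups the repeated failures across reconnects. The sample log and its subject DN are constructed, and the hint strings are general OpenSSL verification semantics (an assumption of this example), not a diagnosis given in this thread.

```python
import re
from collections import OrderedDict

# "Sat Jul 11 23:43:36 2015 us=819694 VERIFY ERROR: depth=1, error=<text>: <subject DN>"
VERIFY_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4})(?: us=\d+)? "
    r"VERIFY ERROR: depth=(?P<depth>\d+), error=(?P<error>.+?): (?P<subject>\w+=.*)$"
)
# OpenSSL 1.0.x error string: error:<hex code>:<library>:<function>:<reason>
OPENSSL_RE = re.compile(
    r"error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>.*)$"
)
# Splits "C=US, O=x, CN=y" into key/value pairs.
DN_RE = re.compile(r"(\w+)=(.*?)(?=, \w+=|$)")

# Hints are this example's wording of what each OpenSSL verify error means.
HINTS = {
    "self signed certificate in certificate chain":
        "The peer sent a chain ending in a self-signed root that is not in the "
        "local 'ca' file. Compare the ca.crt fingerprint on both ends and "
        "confirm the server certificate was issued by that CA.",
    "unable to get local issuer certificate":
        "No issuer for this certificate was found in the local 'ca' file.",
    "certificate has expired":
        "Check the certificate's notAfter date and the local clock.",
    "certificate is not yet valid":
        "Check the certificate's notBefore date and the local clock.",
}


def parse_dn(subject):
    """Turn an OpenVPN-style subject string into a dict of DN attributes."""
    return dict(DN_RE.findall(subject))


def summarize(log_text):
    """Group identical VERIFY ERROR events and attach the OpenSSL errors that follow."""
    findings = OrderedDict()
    last = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = VERIFY_RE.match(line)
        if m:
            depth = int(m.group("depth"))
            key = (depth, m.group("error"), m.group("subject"))
            last = findings.setdefault(key, {
                "depth": depth,
                # depth 0 is the peer's own certificate, depth >= 1 is a CA above it
                "failing_cert": "peer certificate" if depth == 0 else "CA in chain",
                "error": m.group("error"),
                "subject": parse_dn(m.group("subject")),
                "first_seen": m.group("ts"),
                "count": 0,
                "openssl": set(),
                "hint": HINTS.get(m.group("error"), "No hint for this error text."),
            })
            last["count"] += 1
            continue
        m = OPENSSL_RE.search(line)
        if m and last is not None:
            last["openssl"].add((m.group("code"), m.group("func"), m.group("reason")))
    return list(findings.values())


# Constructed sample in the same line format as the client log above.
SAMPLE_LOG = """\
Sat Jul 11 23:43:36 2015 us=351668 TLS: Initial packet from [AF_INET]192.0.2.1:1194, sid=00000000 00000000
Sat Jul 11 23:43:36 2015 us=819694 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, O=example.test, OU=HOME, CN=example-ca, emailAddress=admin@example.test
Sat Jul 11 23:43:36 2015 us=819694 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sat Jul 11 23:43:36 2015 us=820694 TLS Error: TLS handshake failed
Sat Jul 11 23:43:42 2015 us=352011 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, O=example.test, OU=HOME, CN=example-ca, emailAddress=admin@example.test
Sat Jul 11 23:43:42 2015 us=352011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
"""

if __name__ == "__main__":
    for f in summarize(SAMPLE_LOG):
        print(f"{f['count']}x depth={f['depth']} ({f['failing_cert']}) "
              f"CN={f['subject'].get('CN')}: {f['error']}")
        print("  hint:", f["hint"])
```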