Cannot load certificate file

Post by maceis » Fri Jul 28, 2023 12:53 pm

Hello

I have problems with my server config after updating from OpenVPN 2.5 to 2.6.5.
When I start openvpn I get this output:

Code:

openvpn --config /mod/etc/openvpn.conf 
2023-07-28 13:14:11 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-07-28 13:14:11 OpenVPN 2.6.5 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD]
2023-07-28 13:14:11 library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
2023-07-28 13:14:11 net_route_v4_best_gw query: dst 0.0.0.0
2023-07-28 13:14:11 net_route_v4_best_gw result: via 0.0.0.0 dev dsl
2023-07-28 13:14:11 Diffie-Hellman initialized with 2048 bit key
2023-07-28 13:14:11 OpenSSL: error:0A00018E:lib(20)::reason(398)
2023-07-28 13:14:11 Cannot load certificate file /tmp/flash/openvpn/box.crt
2023-07-28 13:14:11 Exiting due to fatal error

The file is readable for all users, it is not 0 bytes, I can open it, and it has the correct content.

Code:

ls -l /tmp/flash/openvpn/box.crt
-rw-r--r--    1 root     root          8279 Jul 28 11:22 /tmp/flash/openvpn/box.crt

head -9 /tmp/flash/openvpn/box.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=DE, ST=Bavaria, L=Nuernberg, O=de.chaos-net, OU=EDV, CN=homebox/name=Martin Kissner/emailAddress=netadmin@chaos-net.de
        Validity
            Not Before: Jan 21 23:59:27 2020 GMT
            Not After : Jan 18 23:59:27 2030 GMT

This is my config:

Code:

# OpenVPN 2.6.5 mips-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD]
# library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
#  Config date: Fri Jul 28 12:43:07 CEST 2023
proto udp
dev tun
ca /tmp/flash/openvpn/ca.crt
cert /tmp/flash/openvpn/box.crt
key /tmp/flash/openvpn/box.key
dh /tmp/flash/openvpn/dh.pem
tls-server
port 1194
ifconfig 10.8.0.1 255.255.255.0
push "route-gateway 10.8.0.1"
topology subnet
push "topology subnet"
push "route 192.168.100.0 255.255.255.0"
max-clients 20
mode server
client-config-dir clients_openvpn
route 192.168.102.0 255.255.255.0 10.8.0.2
route 192.168.103.0 255.255.255.0 10.8.0.3
route 192.168.104.0 255.255.255.0 10.8.0.4
route 192.168.105.0 255.255.255.0 10.8.0.5
route 192.168.006.0 255.255.255.0 10.8.0.6
route 192.168.002.0 255.255.255.0 10.8.0.32
route 192.168.033.0 255.255.255.0 10.8.0.33
route 192.168.034.0 255.255.255.0 10.8.0.34
route 192.168.107.0 255.255.255.0 10.8.0.7
client-to-client
tun-mtu 1500
mssfix
verb 3
# cipher AES-128-CBC
# comp-lzo
keepalive 10 120
status /var/log/openvpn.log
cd /var/tmp/openvpn
chroot /var/tmp/openvpn
user openvpn
group openvpn
persist-tun
persist-key
# allow-compression yes

This config worked before.
I commented out cipher and compression because I had errors and am trying to narrow down the problem step by step.
Any help will be really appreciated.
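
An added diagnostic example, not part of the original post: it decodes the packed OpenSSL error code from the log line above and lists MD5/SHA-1 signature algorithms found in a certificate text dump. The function names are hypothetical, and the reason-number table is an assumption taken from OpenSSL's `sslerr.h`.

```python
import re

# OpenSSL 3.x packs an error into 32 bits: library in bits 23-30, reason in bits 0-22.
ERR_LIB_SSL = 20
# Security-level reason numbers as defined in OpenSSL's sslerr.h (assumed table).
SSL_REASONS = {397: "CA_KEY_TOO_SMALL", 398: "CA_MD_TOO_WEAK", 399: "EE_KEY_TOO_SMALL"}
WEAK_DIGEST_PREFIXES = ("md5", "sha1")

# Inputs copied from the post above.
LOG_LINE = "2023-07-28 13:14:11 OpenSSL: error:0A00018E:lib(20)::reason(398)"
CERT_HEAD = """Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
    Signature Algorithm: sha1WithRSAEncryption
"""


def decode_openssl_error(log_line):
    """Return (library, reason, symbolic name or None) for an 'error:XXXXXXXX:' log line."""
    match = re.search(r"error:([0-9A-Fa-f]{8}):", log_line)
    if not match:
        return None
    code = int(match.group(1), 16)
    lib = (code >> 23) & 0xFF
    reason = code & 0x7FFFFF
    name = SSL_REASONS.get(reason) if lib == ERR_LIB_SSL else None
    return lib, reason, name


def weak_signature_algorithms(cert_text):
    """List signature algorithms in an 'openssl x509 -text' style dump that use MD5 or SHA-1."""
    algorithms = re.findall(r"Signature Algorithm:\s*(\S+)", cert_text)
    return sorted({a for a in algorithms if a.lower().startswith(WEAK_DIGEST_PREFIXES)})


if __name__ == "__main__":
    print(decode_openssl_error(LOG_LINE))
    print(weak_signature_algorithms(CERT_HEAD))
```

`CA_MD_TOO_WEAK` means OpenSSL rejected a certificate whose signature digest is below what the active security level accepts; reissuing the certificate with a SHA-256 signature addresses the cause.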