[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-newbies
Subject:    Re: OpenVPN SSL error with CA
From:       "Szilveszter Ciurdar" <ciurdar () hotmail ! com>
Date:       2008-12-16 15:58:54
Message-ID: 1229443134.13323.1290359703 () webmail ! messagingengine ! com
[Download RAW message or body]

I did not have the right ca.crt file.  In addition, it was a compressed
archive with a missing extension which I found out by running the 'file'
command.

To list the files in a compressed archive, don't forget to include the z
(or Z) switch:

prompt$ tar tzf openvpn_keys.tar.gz
.....

The ca.crt file should be plaintext with ---Begin
Certificate---<...>---End Certificate---

Problem solved.

On Sat, 13 Dec 2008 15:35:03 -0500, "Szilveszter Ciurdar"
<ciurdar@hotmail.com> said:
> Does anyone have any experience on the client end for getting OpenVPN to
> work?  The senior admin gave me the required key files.
> 
> ca.crt
> my.crt
> my.key
> client.conf
> 
> I installed openvpn and lzo from packages and when I tried #openvpn
> --config <config file> it didn't work.
> 
> The directory was not in my $PATH so I had to specify
> /usr/local/sbin/openvpn  --config /etc/openvpn/client.conf
> 
> I also get this OpenSSL error that I can't figure out how to fix:
> 
> 'Cannot load CA certificate file /etc/ssl/ca.crt path (null)
> (SSL_CTX_load_verify_locations) (OpenSSL)'
> 
> I made sure that client.conf points to where I put the key and cert.  I
> put everything under /etc/openvpn.  Is this the right place?
> 
> Thanks for your help!
> 
> 
> 
_______________________________________________
Openbsd-newbies mailing list
Openbsd-newbies@sfobug.org
http://mailman.theapt.org/listinfo/openbsd-newbies
[prev in list] [next in list] [prev in thread] [next in thread]