OpenVPN SSL error with CA
Szilveszter Ciurdar
ciurdar at hotmail.com
Tue Dec 16 16:58:54 CET 2008
I did not have the right ca.crt file. In addition, it was a compressed
archive with a missing extension which I found out by running the 'file'
command.
To list the files in a compressed archive, don't forget to include the z
(or Z) switch:
prompt$ tar tzf openvpn_keys.tar.gz
.....
The ca.crt file should be plaintext with ---Begin
Certificate---<...>---End Certificate---
Problem solved.
On Sat, 13 Dec 2008 15:35:03 -0500, "Szilveszter Ciurdar"
<ciurdar at hotmail.com> said:
> Does anyone have any experience on the client end for getting OpenVPN to
> work? The senior admin gave me the required key files.
>
> ca.crt
> my.crt
> my.key
> client.conf
>
> I installed openvpn and lzo from packages and when I tried #openvpn
> --config <config file> it didn't work.
>
> The directory was not in my $PATH so I had to specify
> /usr/local/sbin/openvpn --config /etc/openvpn/client.conf
>
> I also get this OpenSSL error that I can't figure out how to fix:
>
> 'Cannot load CA certificate file /etc/ssl/ca.crt path (null)
> (SSL_CTX_load_verify_locations) (OpenSSL)'
>
> I made sure that client.conf points to where I put the key and cert. I
> put everything under /etc/openvpn. Is this the right place?
>
> Thanks for your help!
>
>
>
More information about the Openbsd-newbies
mailing list