Question

Hi guys. Im trying to make RUTX09 as openvpn server. I got this error which says : 

Thu Apr  6 11:52:02 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

Thu Apr  6 11:52:02 2023 OpenSSL: error:1E08010C:DECODER routines::unsupported

Thu Apr  6 11:52:02 2023 Cannot load private key file [[INLINE]]

This is my config :

remote <redacted by Teltonika moderators> 1194

proto tcp-client

port 1194

dev tun

client

verb 5

keepalive 10 60

float

persist-tun

persist-key

auth SHA256

cipher AES-256-CBC

pull

<ca>

-----BEGIN CERTIFICATE-----

<redacted by Teltonika moderators>

-----END CERTIFICATE-----

</ca>

<cert>

-----BEGIN CERTIFICATE-----

<redacted by Teltonika moderators>

-----END CERTIFICATE-----

</cert>

<key>

<redacted by Teltonika moderators>

</key>

Answer 1

Hello,

I would like you to attach a troubleshoot file from the router to your question by editing it. Please, replicate the issue, then access router's WebUI, go to System -> Administration -> Troubleshoot section and download troubleshoot file from there. The logs in the file might provide more insight into the issue.

Attached files are private and visible only to Teltonika Moderators.

I would also like you to explain, how did you generate the certificates and keys used in your configuration?

If you could send the private key you have uploaded to the RUT device in a private message, it would be helpful as well.

Best regards,

Comments

I did send you the message

---

There is a mismatch between client and server configuration:

No common cipher between server and client. Server data-ciphers: 'BF-CBC', client supported ciphers 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'

Could you login to RUTX09, navigate to Services -> VPN -> OpenVPN. Edit server configuration settings and change Encryption option to AES-256-GCM 256.

Best regards,