[Bug 779139] New: Path to cert and key files must be absolute in openvpn server config
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139 https://bugzilla.novell.com/show_bug.cgi?id=779139#c0 Summary: Path to cert and key files must be absolute in openvpn server config Classification: openSUSE Product: openSUSE 12.2 Version: Final Platform: Other OS/Version: openSUSE 12.2 Status: NEW Severity: Normal Priority: P5 - None Component: Documentation AssignedTo: ke@suse.com ReportedBy: guillom.pom@gmail.com QAContact: ke@suse.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0 The documentation at http://doc.opensuse.org/documentation/html/openSUSE/opensuse-security/cha.se... gives the following instructions for configuring an openvpn server: # Security ca ssl/ca.crt cert ssl/server.crt key ssl/server.key dh ssl/dh1024.pem When starting the server with openvpn /etc/openvpn/server.conf the configuration above gives error messages like: Cannot open ssl/dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file The error disappears if the path to the dh file is changed to be absolute: dh /etc/openvpn/ssl/dh1024.pem Same goes for the cert and key files. I haven't tested the client config yet, but I'm guessing it'll need absolute paths as well. The documentation should be updated to reflect this. Reproducible: Always -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c1
Karl Eichwalder
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c2
--- Comment #2 from Frank Sundermeyer
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c3
Frank Sundermeyer
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c4
Ludwig Nussel
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c5
Karl Eichwalder
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c6
--- Comment #6 from Bernhard Wiedemann
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=779139
https://bugzilla.novell.com/show_bug.cgi?id=779139#c7
--- Comment #7 from Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com