Dear Jonathan,
Thank you very much for your respond.
I've followed your thread but it does not make anychange.
The file of 'dh1024.pem' exists, here also the '/var/log/messages':
"
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # ls -l
total 44
-rw-r--r-- 1 root root 3953 Oct 28 11:41 01.pem
-rw-r--r-- 1 root root 1273 Oct 28 11:39 ca.crt
-rw------- 1 root root 891 Oct 28 11:39 ca.key
-rw-r--r-- 1 root root 245 Oct 28 11:42 dh1024.pem
-rw-r--r-- 1 root root 116 Oct 28 11:41 index.txt
-rw-r--r-- 1 root root 21 Oct 28 11:41 index.txt.attr
-rw-r--r-- 1 root root 0 Oct 28 11:36 index.txt.old
-rw-r--r-- 1 root root 3 Oct 28 11:41 serial
-rw-r--r-- 1 root root 3 Oct 28 11:36 serial.old
-rw-r--r-- 1 root root 3953 Oct 28 11:41 toka-site.crt
-rw-r--r-- 1 root root 777 Oct 28 11:40 toka-site.csr
-rw------- 1 root root 887 Oct 28 11:40 toka-site.key
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # chmod 644 ./dh1024.pem
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # rcopenvpn start
Starting OpenVPN failed
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # tail -n 30 /var/log/messages
Oct 28 14:30:53 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:54 mysussy openvpn[8502]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8502]: Cannot open file key file 'static.key': No such file or directory (errno=2)
Oct 28 14:30:54 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:30:54 mysussy openvpn[8502]: Exiting
Oct 28 14:30:54 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:30:54 mysussy openvpn[8506]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8506]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8506]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 28 14:30:54 mysussy openvpn[8506]: Cannot load certificate file home.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Oct 28 14:30:54 mysussy openvpn[8506]: Exiting
Oct 28 14:30:54 mysussy openvpn[8508]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8508]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8508]: Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file
Oct 28 14:30:54 mysussy openvpn[8508]: Exiting
Oct 28 14:30:57 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:57 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:30:57 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:02 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:02 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:31:02 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:08 mysussy kernel: printk: 3 messages suppressed.
Oct 28 14:31:08 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:31:08 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:13 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:13 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:31:13 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:17 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:17 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 28 14:31:17 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys #
".
--- On Tue, 10/28/08, Jonathan Ervine
Dear Jessen,
Firstly, thank you very much for your help.
This is the error messages in '/var/log/messages': Oct 28 11:14:58 mysussy openvpn[10195]: Cannot open dh1024.pem for DH parameters: error:02001002:system
From: Jonathan Ervine
Subject: Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11 To: opensuse@opensuse.org Date: Tuesday, October 28, 2008, 6:07 AM On Tuesday 28 October 2008 11:23:27 Patrik Hasibuan wrote: library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file ".
# This file should be kept secret dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem
The openvpn daemon cannot open the the dh1024.pem file. Can you verify that this file exists where the conf file reports it to be, and also check the permissions of the file. If it exists, then temporarily change the permissions to 644 on the file and try again.
Jon -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org