On Thursday 30 October 2008 09:12:47 Patrik Hasibuan wrote:
Dear Jo,
I checked in the '/etc/init.d/openvpn': " .... .... DAEMON="OpenVPN" openvpn=/usr/sbin/openvpn confdir=/etc/openvpn piddir=/var/run/openvpn .... .... ". So it means my openvpn read the 'server.conf' which resides in '/etc/openvpn/server.conf'.
I suspect it means it will read _any_ conf file in /etc/openvpn. It's still not reading the conf file you wish it to - see below...
I've removed the dec in my '/etc/openvpn/server.conf': " mysussy:/etc/openvpn # cat server.conf local 219.83.114.179 port 1194 proto tcp ca /usr/share/openvpn/easy-rsa/2.0/keys/ca.crt cert /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.crt key /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.key # This file should be kept secret dh /usr/share/openvpn/easy-rsa/2.0/keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt client-to-client keepalive 10 120 ns-cert-type server mysussy:/etc/openvpn # ".
Here is my '/var/log/messages/', I saw after my openvpn failed to start: " mysussy:/etc/openvpn # tail -n 30 /var/log/messages Oct 30 09:03:34 mysussy openvpn[10361]: Cannot open file key file 'static.key': No such file or directory (errno=2) Oct 30 09:03:34 mysussy openvpn[10361]: Exiting
It's still trying to load static.key which doesn't exist. So it's still reading the wrong conf file. I don't know why, and as per my previous email I'd worry about that after getting openvpn to start up from the command lin by explicitly specifying the conf file you wish to use...
Oct 30 09:03:35 mysussy openvpn[10365]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Oct 30 09:03:35 mysussy openvpn[10365]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 30 09:03:35 mysussy openvpn[10365]: Cannot open file key file 'static.key': No such file or directory (errno=2) Oct 30 09:03:35 mysussy openvpn[10365]: Exiting Oct 30 09:03:35 mysussy openvpn[10369]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Oct 30 09:03:35 mysussy openvpn[10369]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 30 09:03:35 mysussy openvpn[10369]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Oct 30 09:03:35 mysussy openvpn[10369]: Cannot load certificate file home.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib Oct 30 09:03:35 mysussy openvpn[10369]: Exiting Oct 30 09:03:35 mysussy openvpn[10374]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Oct 30 09:03:35 mysussy openvpn[10374]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 30 09:03:35 mysussy openvpn[10374]: Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file Oct 30 09:03:35 mysussy openvpn[10374]: Exiting
A few more error messages about missing files: home.crt and dh1024.pem. Please run openvpn --config /etc/openvpn/server.conf from a root command line. This will at least tell us that the conf file is sane and works. Then we can worry about getting the daemon to use this file... Jon -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org