[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] TLS authentication fails after one month, again


  • Subject: Re: [Openvpn-users] TLS authentication fails after one month, again
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Thu, 11 Nov 2004 19:00:26 -0700 (MST)

On Thu, 11 Nov 2004, Leonard Isham wrote:

> On Thu, 11 Nov 2004 10:55:23 -0700, Michael Kelly
> <mkelly@xxxxxxxxxxxxxxxxxx> wrote:
> > Hello all,
> > 
> > I came into the office this morning and all openVPN connections were
> > down. I have messages in the logs stating that the TLS handshake failed
> > and that negotiation failed to occur within 60secs. The same thing
> > happen exactly one month ago to the day and I never properly resolved
> > it. I ended up recreating the entire certificate structure from the
> > ground up.
> > 
> > I have checked the expiry dates on all certificates, including the
> > openVPN server and they are all valid until October 11th 2005.
> >

Did you check the expiration on the CA certificate as well?

Did you use the "easy-rsa" scripts to make the certificates?

> > I have checked the clocks on the openVPN server machine and the main
> > openVPN client machine and they are set correctly. I cannot check road
> > warrior clocks because I cannot connect to them at the moment.
> > 
> > I have no idea what is causing this, but I really do not want to have
> > to redo each certificate every month just to get another month out of
> > the system, especially when the certs are supposed to be valid for a
> > year.
> > 
> > Thanks for any help
> > Michael Kelly
> > 
> 
> Just a guess but is your internal clock off by 1 year?

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users