|
|
Roy Kidder wrote: >>>The server starts up just find, and increasing the debugging, it appears >>>happy. It's listening on udp/1194, so everything looks OK from it's >>>standpoint. But I'm not sure which of the above files I should move over >>>to the client. >> >>The client.* files are needed by the client, I for once find the >>distribution of a single pkcs12 file more convenient. >> > > > Thanks for the response. It looks like I must still be doing something > wrong. From the client side, it looks like it connects. But the server > shows the following in the log: > > Thu Aug 4 12:14:07 2005 us=726134 TLS State Error: No TLS state for > client aaa.bbb.ccc.ddd:1194, opcode=4 I don't know what this error means, but did you copy the cacert too? here are the relevant entries from my client config: # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. #ca RufMobile-cacert.pem #cert mega.pem #key mega.key pkcs12 mega.p12 tls-remote "openvpn.asp.ruf.ch" As you see, I switched from the 3 distinct certificate/key files to a pkcs12 file, which IMHO is easier to handle. The pkcs12 file acts as a container for those files. tls-remote is not really necessary. cheers Erich ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-08/msg00062.html on line 219 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-08/msg00062.html on line 219 |