[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Re: TLS Error: local/remote TLS keys are out of sync


  • Subject: [Openvpn-users] Re: TLS Error: local/remote TLS keys are out of sync
  • From: Charles Duffy <cduffy@xxxxxxxxxxx>
  • Date: Wed, 01 Dec 2004 03:00:48 -0600

On Wed, 01 Dec 2004 08:33:23 +0000, Steve Shellswell wrote:

> I am still struggling with this. Please can anyone shed any light on the 
> error message?
> 
> TLS Error: local/remote TLS keys are out of sync: 1.2.3.4:1194 [0]

I don't know the error, but the code that would result in the different
(desired) path being taken follows:

              if (DECRYPT_KEY_ENABLED (multi, ks)
                  && key_id == ks->key_id
                  && ks->authenticated
                  && addr_port_match(from, &ks->remote_addr))

so... DECRYPT_KEY_ENABLED could be false, the key_id values could fail to
match, the key_state (ks) could be unauthenticated, or we could have no
remote address match.

Without more context (and better knowledge of the surrounding codebase),
I'm not in a good condition to make suggesions wrt which is most likely.
So, let's back up:

This happens every time, immediately after startup -- right?

How did you generate your CA/key/cert? You're using the same CA on both
ends, right? Any other errorlike messages in your output?

Mind posting your config files?


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users