pfSense Gold Subscription

Author Topic: OpenVPN service not working with PfSesne 2.4?!  (Read 242 times)

0 Members and 1 Guest are viewing this topic.

Offline mucip

  • Newbie
  • *
  • Posts: 12
  • Karma: +0/-0
    • View Profile
OpenVPN service not working with PfSesne 2.4?!
« on: November 13, 2017, 04:00:45 am »
Hi,
I want to use OpenVPN with PfSense 2.4.1. I followed below link.
https://youtu.be/VdAHVSTl1ys
https://www.serdarbayram.net/pfsense-remote-vpn.html

But I can not run OpenWPN service. Error log below;
Nov 12 02:10:50    openvpn    67991    OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 8 2017
Nov 12 02:10:50    openvpn    67991    library versions: OpenSSL 1.0.2k-freebsd 26 Jan 2017, LZO 2.10
Nov 12 02:10:50    openvpn    71074    NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 12 02:10:50    openvpn    71074    OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line
Nov 12 02:10:50    openvpn    71074    OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Nov 12 02:10:50    openvpn    71074    Cannot load certificate file /var/etc/openvpn/server1.cert
Nov 12 02:10:50    openvpn    71074    Exiting due to fatal error

And I checke the  /var/etc/openvpn/server1.cert. It's empty file!... :(

Regards,
Mucip:)

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21397
  • Karma: +1432/-26
    • View Profile
Re: OpenVPN service not working with PfSesne 2.4?!
« Reply #1 on: November 13, 2017, 08:37:18 am »
Is this a new setup in 2.4.1 or was it working in a prior version?

Is the certificate correct in the certificate manager? Maybe try creating a new certificate or importing it again?
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline mucip

  • Newbie
  • *
  • Posts: 12
  • Karma: +0/-0
    • View Profile
Re: OpenVPN service not working with PfSesne 2.4?!
« Reply #2 on: November 14, 2017, 01:06:16 am »
Dear Jimp,
Sorry for this mass. I reset and reconfigured everything and it started to work. Thanks for your kind interest.


Regards,
Mucip:)

Offline bpb21

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: OpenVPN service not working with PfSesne 2.4?!
« Reply #3 on: December 03, 2017, 09:08:17 pm »
I have this exact issue, with this exact error message about Cannot load certificate file /var/etc/openvpn/server1.cert in pfSense 2.4.2 and the really bizarre thing: it was working fine previously.  I don't mean on a previous pfSense build; I mean until I tried it remotely today.

Ever since it stopped working, I've tried to completely clear out all certificates and recreate the OVPN server.  But I end up with the same error.

Any ideas what this might be about?  I run about five pfSense servers in different locations (not connected to each other) and I've noticed while two are working, three are not.  (I blame two of the non-working ones on external factors.)

Very confused...

Offline bpb21

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: OpenVPN service not working with PfSesne 2.4?!
« Reply #4 on: December 03, 2017, 09:14:12 pm »
Oh - system logs.  I kept getting the same errors over and over.  I'd completely remove an OpenVPN server, all certificates, and try again from scratch.  And I'd keep getting the same message over and over in the system logs.  (The definition of insanity?)

Dec 3 18:48:09   openvpn   34472   Exiting due to fatal error
Dec 3 18:48:09   openvpn   34472   Cannot load certificate file /var/etc/openvpn/server1.cert
Dec 3 18:48:09   openvpn   34472   OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Dec 3 18:48:09   openvpn   34472   OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line
Dec 3 18:48:09   openvpn   34472   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 3 18:48:09   openvpn   34296   library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Dec 3 18:48:09   openvpn   34296   OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 8 2017
Dec 3 18:21:31   openvpn   48163   Exiting due to fatal error
Dec 3 18:21:31   openvpn   48163   Cannot load certificate file /var/etc/openvpn/server1.cert
Dec 3 18:21:31   openvpn   48163   OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Dec 3 18:21:31   openvpn   48163   OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line
Dec 3 18:21:31   openvpn   48163   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 3 18:21:31   openvpn   48127   library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Dec 3 18:21:31   openvpn   48127   OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 8 2017
Dec 3 18:20:14   openvpn   65340   Exiting due to fatal error
Dec 3 18:20:14   openvpn   65340   Cannot load certificate file /var/etc/openvpn/server1.cert
Dec 3 18:20:14   openvpn   65340   OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Dec 3 18:20:14   openvpn   65340   OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line
Dec 3 18:20:14   openvpn   65340   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 3 18:20:14   openvpn   65096   library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Dec 3 18:20:14   openvpn   65096   OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Oct 8 2017
Dec 3 18:19:38   openvpn   29240   Exiting due to fatal error
Dec 3 18:19:38   openvpn   29240   Cannot load certificate file /var/etc/openvpn/server1.cert
Dec 3 18:19:38   openvpn   29240   OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Dec 3 18:19:38   openvpn   29240   OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line
Dec 3 18:19:38   openvpn   29240   NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21397
  • Karma: +1432/-26
    • View Profile
Re: OpenVPN service not working with PfSesne 2.4?!
« Reply #5 on: December 04, 2017, 09:53:59 am »
What is in /var/etc/openvpn/server1.cert ?
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!