Bug #11368
OpenVPN Remote Access (User Auth)
Start date:
02/04/2021
Due date:
% Done:
0%
Estimated time:
Affected Version:
2.5.0
Affected Architecture:
Release Notes:
Default
Description
The OpenVPN service won't start if I choose Remote Access (User Auth) server mode.
Status>OpenVPN:
Unable to contact daemon
Status>System Logs>OpenVPN
Feb 4 09:08:26 openvpn 9667 WARNING: POTENTIALLY DANGEROUS OPTION --verify-client-cert none|optional may accept clients which do not present a certificate Feb 4 09:08:26 openvpn 9667 Options error: --capath fails with '/var/etc/openvpn/server1/ca': No such file or directory (errno=2) Feb 4 09:08:26 openvpn 9667 Options error: Please correct these errors. Feb 4 09:08:26 openvpn 9667 Use --help for more information.
Associated revisions
History
#1
Updated by Viktor Gurov 2 months ago
Updated by - Priority changed from Normal to High
TLS parameters "dh, capath, cert, key" etc, is a mandatory for all modes except p2p_shared_key ('client')
revert #11272 and #11362 but keep #11336:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/121
#2
Updated by Renato Botelho 2 months ago
Updated by - Assignee set to Viktor Gurov
- Target version set to 2.5.0
PR has been merged. Thanks!
#3
Updated by Renato Botelho 2 months ago
- Status changed from New to Feedback
#4
Updated by Max Leighton 2 months ago
Updated by - Status changed from Feedback to Resolved
Tested with
2.5.0-DEVELOPMENT (amd64)
built on Thu Feb 04 22:53:51 CST 2021
FreeBSD 12.2-STABLE
Remote Access (User Auth) has the required options and the service is able to start. Seems the issue is resolved.
OpenVPN User Auth fix. Issue #11368