Bug #7566
closed
need more dh-parameters files or generate it
0%
Description
/etc/inc/openvpn.inc
used vpn_openvpn_server.php to set dh_length
but only three /etc/dh-parameters.NUM files are available,
but drop-down allows others resulting in:
openvpn34890: Options error: - -dh fails with '/etc/dh-parameters.3072': No such file or directory
Note that code for other dh-parameters is commented out.
Well I did see https://redmine.pfsense.org/issues/6962 says this is fixed but I don't see commit hash to know how. And looking in github I see only the three files.
(I noticed this while working on my book.
My list of bugs is at http://reedmedia.net/books/pfsense/bugs.html )
Updated by Jim Pingle almost 7 years ago
- Category changed from VPN (Multiple Types) to OpenVPN
- Status changed from New to Rejected
On 2.4 the GUI only shows options for files that exist. Click the "i" on the text for the setting and follow the link for instructions on how to generate the files. The older ticket, #6962, was fixed to behave this way.
We can't realistically offer a GUI option for that because generating the parameters for larger sizes takes a very, very long time on most hardware.
Issues like this should be tested against 2.4, especially since the other ticket specifically had a 2.4 target and was marked fixed. You'll only find the corrected behavior in that version, unless noted otherwise on the ticket.