hex
Lebende Foren Legende
Hallo zusammen,
hab ein Problem mit OpenVPN. Hab an meiner Hochschule einen Account bekommen und versuche gerade zu verbinden und bekomme folgenden Output.
Kann jemand was mit dem self-signed Problem anfangen?
Hier die Config. Vorlage von der Hochschule
Distribution ist Ubuntu Hardy. OpenVPN Version steht oben im Output.
Vielen Dank!
mfg
hab ein Problem mit OpenVPN. Hab an meiner Hochschule einen Account bekommen und versuche gerade zu verbinden und bekomme folgenden Output.
Code:
Wed May 7 11:02:57 2008 OpenVPN 2.1_rc7 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Feb 20 2008
Enter Private Key Password:
Wed May 7 11:03:00 2008 LZO compression initialized
Wed May 7 11:03:00 2008 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed May 7 11:03:00 2008 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May 7 11:03:00 2008 Local Options hash (VER=V4): '69109d17'
Wed May 7 11:03:00 2008 Expected Remote Options hash (VER=V4): 'c0103fa8'
Wed May 7 11:03:00 2008 Attempting to establish TCP connection with x.x.x.x:443 [nonblock]
Wed May 7 11:03:01 2008 TCP connection established with x.x.x.x:443
Wed May 7 11:03:01 2008 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed May 7 11:03:01 2008 TCPv4_CLIENT link local: [undef]
Wed May 7 11:03:01 2008 TCPv4_CLIENT link remote: x.x.x.x:443
Wed May 7 11:03:01 2008 TLS: Initial packet from x.x.x.x:443, sid=...
Wed May 7 11:03:02 2008 VERIFY ERROR: depth=3, error=self signed certificate in certificate chain: /C=DE/O=Deutsche_Telekom_AG/OU=T-TeleSec_Trust_Center/CN=Deutsche_Telekom_Root_CA_2
Wed May 7 11:03:02 2008 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Wed May 7 11:03:02 2008 TLS Error: TLS object -> incoming plaintext read error
Wed May 7 11:03:02 2008 TLS Error: TLS handshake failed
Wed May 7 11:03:02 2008 Fatal TLS error (check_tls_errors_co), restarting
Wed May 7 11:03:02 2008 TCP/UDP: Closing socket
Wed May 7 11:03:02 2008 SIGUSR1[soft,tls-error] received, process restarting
Wed May 7 11:03:02 2008 Restart pause, 5 second(s)
Wed May 7 11:03:04 2008 SIGINT[hard,init_instance] received, process exiting
Kann jemand was mit dem self-signed Problem anfangen?
Hier die Config. Vorlage von der Hochschule
Code:
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
proto tcp
;proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote x.x.x.x 443
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# SSL/TLS parms.
pkcs12 secret_key.p12
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
Distribution ist Ubuntu Hardy. OpenVPN Version steht oben im Output.
Vielen Dank!
mfg