I try to use OpenVPN client in Win10 and I get the following log:
[Dec 13, 2021, 21:32:41] Tunnel Options:V4,dev-type tun,link-mtu 1524,tun-mtu 1500,proto
TCPv4_CLIENT,comp-lzo,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client
[Dec 13, 2021, 21:32:41] Creds: UsernameEmpty/PasswordEmpty
[Dec 13, 2021, 21:32:41] Peer Info:
IV_VER=3.git::d3f8b18b
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_IPv6=0
IV_AUTO_SESS=1
IV_GUI_VER=OCWindows_3.3.3-2562
IV_SSO=webauth,openurl,crtext
[Dec 13, 2021, 21:32:41] EVENT: EPKI_ERROR External Certificate Signing Failed⏎
[Dec 13, 2021, 21:32:41] Client exception in transport_recv_excode:
OpenSSLContext::SSL::read_cleartext: BIO_read failed, cap=2576 status=-1: error:0607907F:digital envelope routines:EVP_PKEY_get0_RSA:expecting an rsa key / error:141F0006:SSL routines:tls_construct_cert_verify:EVP lib
[Dec 13, 2021, 21:32:41] EVENT: DISCONNECTED ⏎
The client config is:
port 1194
proto tcp
dev tun
ifconfig 10.3.0.1 255.255.255.0
ca C:\\Users\\User1\\openvpnkeys\\ca.crt
tls-crypt C:\\Users\\User1\\openvpnkeys\\tls.key
cipher AES-256-GCM
auth SHA256
ping 10
comp-lzo
verb 4
mute 10
Client and server certificates have been created by easy-rsa installed on the server comp. What is the problem?
Resolved. The problem was in the links. I've put certificates in the body of the config file and the client has connected successfully.
I have to say the log is rather poor.