I am getting "TLS error: TLS handshake failed" failed with OpenVPN package - Openssl

This is a discussion on I am getting "TLS error: TLS handshake failed" failed with OpenVPN package - Openssl ; Installed OpenVPN package on server side and client side, generated all ca.key, server.key and server.crt using the procedure given in the openVPN HowTO. I am keep getting this "TLS handshake failed", I kept my server.conf and client.conf files, also I ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: I am getting "TLS error: TLS handshake failed" failed with OpenVPN package

  1. I am getting "TLS error: TLS handshake failed" failed with OpenVPN package

    Installed OpenVPN package on server side and client side, generated all
    ca.key, server.key and server.crt using the procedure given in the
    openVPN HowTO. I am keep getting this "TLS handshake failed", I kept my
    server.conf and client.conf files, also I kept the command what I am
    giving command-line is below.

    Sun Oct 8 16:22:23 2006 59.144.73.140:32822 Expected Remote Options
    hash (VER=V4): '70f5b3af'
    Sun Oct 8 16:22:23 2006 59.144.73.140:32822 TLS: Initial packet from
    192.168.0.66:32822, sid=4f11dbcd 6924dbc6
    Sun Oct 8 16:22:26 2006 59.144.73.140:32822 VERIFY ERROR: depth=0,
    error=unable to get local issuer certificate:
    /C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Client/emailAddress=me@myhost.mydomain
    Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS_ERROR: BIO read
    tls_read_plaintext error: error:140890B2:SSL
    routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
    Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS object ->
    incoming plaintext read error
    Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS handshake
    failed
    Sun Oct 8 16:22:26 2006 59.144.73.140:32822 SIGUSR1[soft,tls-error]
    received, client-instance restarting


    Server.conf
    =======
    port 1194
    proto udp
    dev tun
    ca easy-rsa/keys/ca.crt
    cert easy-rsa/keys/server.crt
    key easy-rsa/keys/server.key # This file should be kept secret
    dh dh1024.pem
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    keepalive 10 120
    tls-auth ta.key 0 # This file is secret
    persist-key
    persist-tun
    status openvpn-status.log
    verb 3
    ~

    client.conf
    =======
    client
    dev tun
    proto udp
    remote 192.168.0.68 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca easy-rsa/keys/ca.crt
    cert easy-rsa/keys/client.crt
    key easy-rsa/keys/client.key
    tls-auth ta.key 1
    verb 3
    ~

    server command
    ==========
    openvpn --config sample-config-files/server.conf --dh
    sample-keys/dh1024.pem --tls-auth easy-rsa/keys/ta.key

    client command
    ===========
    openvpn --client --dev tun --config sample-config-files/client.conf
    --tls-auth easy-rsa/keys/ta.key


  2. Re: I am getting "TLS error: TLS handshake failed" failed with OpenVPN package

    Hi,

    Have you resolve this problem? I got this problem too. I think our
    configuration are almost the same except my server is linux and my
    client is XP.

    Please give me some hints if you know already the resolution.

    Thanks and more power,
    Rickyv


    GS wrote:
    > Installed OpenVPN package on server side and client side, generated all
    > ca.key, server.key and server.crt using the procedure given in the
    > openVPN HowTO. I am keep getting this "TLS handshake failed", I kept my
    > server.conf and client.conf files, also I kept the command what I am
    > giving command-line is below.
    >
    > Sun Oct 8 16:22:23 2006 59.144.73.140:32822 Expected Remote Options
    > hash (VER=V4): '70f5b3af'
    > Sun Oct 8 16:22:23 2006 59.144.73.140:32822 TLS: Initial packet from
    > 192.168.0.66:32822, sid=4f11dbcd 6924dbc6
    > Sun Oct 8 16:22:26 2006 59.144.73.140:32822 VERIFY ERROR: depth=0,
    > error=unable to get local issuer certificate:
    > /C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Client/emailAddress=me@myhost.mydomain
    > Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS_ERROR: BIO read
    > tls_read_plaintext error: error:140890B2:SSL
    > routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
    > Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS object ->
    > incoming plaintext read error
    > Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS handshake
    > failed
    > Sun Oct 8 16:22:26 2006 59.144.73.140:32822 SIGUSR1[soft,tls-error]
    > received, client-instance restarting
    >
    >
    > Server.conf
    > =======
    > port 1194
    > proto udp
    > dev tun
    > ca easy-rsa/keys/ca.crt
    > cert easy-rsa/keys/server.crt
    > key easy-rsa/keys/server.key # This file should be kept secret
    > dh dh1024.pem
    > server 10.8.0.0 255.255.255.0
    > ifconfig-pool-persist ipp.txt
    > keepalive 10 120
    > tls-auth ta.key 0 # This file is secret
    > persist-key
    > persist-tun
    > status openvpn-status.log
    > verb 3
    > ~
    >
    > client.conf
    > =======
    > client
    > dev tun
    > proto udp
    > remote 192.168.0.68 1194
    > resolv-retry infinite
    > nobind
    > persist-key
    > persist-tun
    > ca easy-rsa/keys/ca.crt
    > cert easy-rsa/keys/client.crt
    > key easy-rsa/keys/client.key
    > tls-auth ta.key 1
    > verb 3
    > ~
    >
    > server command
    > ==========
    > openvpn --config sample-config-files/server.conf --dh
    > sample-keys/dh1024.pem --tls-auth easy-rsa/keys/ta.key
    >
    > client command
    > ===========
    > openvpn --client --dev tun --config sample-config-files/client.conf
    > --tls-auth easy-rsa/keys/ta.key



+ Reply to Thread