Ubuntu
network-manager package

  1. Bug #230197
  2. Comment #2

Comment 2 for bug 230197

Revision history for this message
Pirx (tkruemmer) wrote : Re: Network-manager incorrectly uses openssl-vulnkey to check validity of openvpn keys

Here the following problem:

When starting OpenVPN, vulnkey tries to read a '.crt' file and then OpenVPN exits:

John@John-laptop:~$ sudo openvpn --config /home/JohnDoe/.openvpn/openvpn.conf
Wed May 14 18:01:10 2008 OpenVPN 2.1_rc7 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on May 13 2008
Wed May 14 18:01:10 2008 /usr/sbin/openssl-vulnkey -q John_Doe.key
Wed May 14 18:01:10 2008 Cannot load certificate file John_Doe.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Wed May 14 18:01:10 2008 Exiting

Content of openvpn.conf:

client
dev tun
proto udp
remote vpn-provider.net 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
cipher bf-cbc
comp-lzo
verb 3
mute 20
ca ca.crt
key John_Doe.key
cert John_Doe.crt

ca.crt, John_Doe.crt and John_Doe.key are VPN provider supplied, i.e. there is nothing I can change.

I am tempted to think that this is a similar issue as described by Marcus.

I apologize for the ignorant question,but how to copy /usr/sbin/openvpn-vulnkey onto /usr/sbin/openssl-vulnkey?