I have used the following client side config since 2.1, however it is not working in 2.3RC1. I have used self signed certificate since 2.1.
Client Configclient
float
dev tap
proto udp
port 1194
remote x.x.x.x
resolv-retry infinite
nobind
persist-key
persist-tun
ca vpnserver-hostcert.pem
auth-user-p
pull
comp-lzo
I am receiving the following errors:Mon Sep 28 11:17:14 2009 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008
Mon Sep 28 11:17:23 2009 WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
Mon Sep 28 11:17:23 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Sep 28 11:17:23 2009 LZO compression initialized
Mon Sep 28 11:17:23 2009 UDPv4 link local: [undef]
Mon Sep 28 11:17:23 2009 UDPv4 link remote: x.x.x.x:1194
Mon Sep 28 11:17:23 2009 WARNING: this configuration may cache pwords in memory -- use the auth-nocache option to prevent this
Mon Sep 28 11:17:24 2009 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=IT/O=efw/CN=efw_CA
Mon Sep 28 11:17:24 2009 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Mon Sep 28 11:17:24 2009 TLS Error: TLS object -> incoming plaintext read error
Mon Sep 28 11:17:24 2009 TLS Error: TLS handshake failed
Mon Sep 28 11:17:24 2009 SIGUSR1[soft,tls-error] received, process restarting
Mon Sep 28 11:17:26 2009 WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for
Updated: open ticket for this: http://bugs.endian.com/view.php?id=2223
Author