no server certificate verification method

Got a problem with Viscosity or need help? Ask here!

rwilmuth

Posts: 2
Joined: Tue Jul 07, 2009 4:00 am

Post by rwilmuth » Tue Jul 07, 2009 4:04 am
I installed Viscosity on my Mac Book Pro OS X 10.5.7.

I am running OpenVPN on my Windows Desktop successfully... (with a password).

I took the config files from there and dropped them into a folder on the mac.
I did the import to create a new user and cannot seem to connect.
I get the following in the details log and don't have a clue how to resolve it.

Mon Jul 6 10:51:17 2009: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jul 6 10:51:17 2009: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Jul 6 10:51:26 2009: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jul 6 10:51:26 2009: Cannot load private key file key.key: error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt: error:0906A065:PEM routines:PEM_do_header:bad decrypt: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
Mon Jul 6 10:51:26 2009: Error: private key password verification failed

Please help.

James

User avatar
Posts: 2313
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Thu Jul 09, 2009 3:19 am
Hi rwilmuth,

Is Viscosity asking you for your a private key when you try and connect?

A common cause of this error is that the key file was not able to be imported correctly, or the wrong key file has been specified. If you still have your original files from your Windows machine, try editing your connection in Viscosity, select the Certificates tab, clear your current key file, and re-select your original file. Click Save and try connecting again.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

rwilmuth

Posts: 2
Joined: Tue Jul 07, 2009 4:00 am

Post by rwilmuth » Thu Jul 09, 2009 8:45 am
Got it to work.
It did have to do with the Private Key file... I think.

We set up a new user on the VPN and got the new Windows config files.
This had a new password that I guess matched the private key file.

I changed the user in the .conf file to the user that I wanted
and set the prefs to keep the same names on import.

I imported the .conf config instead of the .ovpn config.
Then it connected just file with my new password.

IS THERE A WAY TO CHANGE MY PASSWORD NOW?

THANKS MUCH

James

User avatar
Posts: 2313
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Thu Jul 16, 2009 2:33 pm
IS THERE A WAY TO CHANGE MY PASSWORD NOW?
Yes, you can change the password on your private key using the Terminal (/Applications/Utilities/Terminal.app). Use a command like so:

cd /Users/USERNAME/Library/Application\ Support/Viscosity/OpenVPN/#/
openssl rsa -in key.key -des3 -out key.key

Replace USERNAME and # with your local machine's username, and the number of your connection profile (navigate to the folder in the Finder to see what this is).

You should get asked for your old password, then you can enter a new one in twice. The next time you try to connect Viscosity should prompt for the new password.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
4 posts Page 1 of 1