Page 1 of 1

viscosity not asking for passphrase

Posted: Wed Jun 12, 2019 8:18 pm
by geosword
HI There,
Ive set up my vpn connection to our company openvpn server. I have the certificate, key and public ca certificate of the CA that signed my personal certificate in the configuration. The key is protected by a passphrase, however viscosity is not prompting me to enter it. As a result (or perhaps in spite of this) the connection fails to establish.
I have followed instructions here http://www.sparklabs.com/support/kb/article/problem-saving-details-into-the-keychain/
but I have no "Keychain First Aid" option in the file menu, and when I search for viscosity, no results are returned, which tells me the it hasnt been added.

Can anyone tell me how I get viscosity to ask for the passphrase of my key?

If it helps, I also have access to the openvpn server, this is presented in the logs regarding my connection attempt:
Code: Select all
Wed Jun 12 10:52:35 2019 us=481872 TLS Error: tls-crypt unwrapping failed from [AF_INET]<publicIP>:1194
Wed Jun 12 10:52:39 2019 us=677110 tls-crypt unwrap error: packet too short

Re: viscosity not asking for passphrase

Posted: Thu Jun 13, 2019 1:26 pm
by James
Hi geosword,

According to your error message the server is expecting a connected configured to use a tls-crypt key, however you don't mention as having one configured. It's also possible your PKI key and tls-crypt files may have been accidentally specified back-to-front.

More information may be available in the OpenVPN log:
https://www.sparklabs.com/support/kb/article/viewing-the-openvpn-log/

Cheers,
James