I can try that out but the permanent solution needs to use the existing tls key, as it's also used, without problems, elsewhere and we don't want the headache of more key files than necessary
On 19 April 2010 14:36, [email protected] <[email protected]> wrote: > can you try to regenerate the tls key file on your pfsense box and then > copy it to your clients? afaik your current key has not been generated on > your pfsense box, right? maybe thats why it says that there is not enough > key material to proceed .. > > pfbox # openvpn --genkey --secret /var/etc/openvpn_server0.tls > pfbox # scp /var/etc/openvpn_server0.tls <user>@<clientip>:/path/to/dir/ > > and then retry. at the beginning I mentioned a similiar procedure but also > had a typo in it - sorry for that (in the "openvpn --genkey.." two genkey > parameters were included ..). > > Nick Upson wrote: >> openvpn[50734]: Key file '/var/etc/openvpn_server0.tls' used in >> --tls-auth contains insufficient key material [keys found=1 >> required=2] -- try generating a new key file with 'openvpn --genkey >> --secret [file]', or use the existing key file in bidirectional mode >> by specifying --tls-auth without a key direction parameter > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
