Error: private key password verification failed

[i-am-nut]

That's the openvpn.log

Tue Aug 22 12:44:11 2017 OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jun 22 2017
Tue Aug 22 12:44:11 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Aug 22 12:44:11 2017 Cannot load private key file /etc/openvpn/endaga-client.key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Tue Aug 22 12:44:11 2017 Error: private key password verification failed
Tue Aug 22 12:44:11 2017 Exiting due to fatal error

And that's the endagad.log

Unable to verify client cert against CA bundle:

I've already ensured etage-bundle.crt is the same in client and cert. But can't solve it at all

[9muir]

The OpenVPN error message states that the client's private key does not correspond to the public key that was used in the certificate signing request. Try running the reset_registration script, which will reset the client registration process.

[i-am-nut]

Nice, on "Towers" section now shows it's "Active" :)

But when i click to Monitor the tower it says:

Warning! This tower is running old software that is not sending telemetry data to our main servers. Please contact support if you have questions or would like to upgrade your towers.

Is it because there's no radio connected to the client VM or am i really missing something else?

[9muir]

Probably due to no radio being connected, but it may indicate that the client application has terminated.

…

On Aug 23, 2017, at 9:14 AM, Emerson Junior ***@***.***> wrote: Nice, on "Towers" section now shows it's "Active" :) But when i click to Monitor the tower it says: Warning! This tower is running old software that is not sending telemetry data to our main servers. Please contact support if you have questions or would like to upgrade your towers. Is it because there's no radio connected to the client VM or am i really missing something else? — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#77 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ABIDPIWMUgbDH3_-ZQtBDx9Jj-yZxqaMks5sbCWsgaJpZM4O-1UH>.

[i-am-nut]

@9muir I'm reopening this issue cause the error message is the same, but the behavior caused is really unexpected.

Basically on web interface, it shows the tower is "Active", and i can access Monitor section and see some data on the statistics.

But weirdly i'm still having the following /var/log/openvpn.log below:

Fri Sep 29 16:19:57 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 26 2017
Fri Sep 29 16:19:57 2017 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
Fri Sep 29 16:19:57 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Sep 29 16:19:57 2017 Cannot load private key file /etc/openvpn/endaga-client.key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Fri Sep 29 16:19:57 2017 Error: private key password verification failed
Fri Sep 29 16:19:57 2017 Exiting due to fatal error

It's not making any sense for me. I've already ran reset-registration but the error messages remains comming even things being seemingly working.

I though if things were working properly there shoudn't have been these kind of error messages still showing.

Any ideias?

[kheimerl]

The endaga package includes a certificate, you may have overwritten the correct one with an incorrect one. The cert is definitely no good anymore and the client seems more likely to change than the cloud.

…

On Fri, Sep 29, 2017 at 12:34 PM, Emerson Junior ***@***.***> wrote: @9muir <https://github.com/9muir> I'm reopening this issue cause the erros is the same, but the behavior caused is really unexpected. Basically i'm having the following /var/log/openvpn.log below: Fri Sep 29 16:19:57 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 26 2017 Fri Sep 29 16:19:57 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08 Fri Sep 29 16:19:57 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Sep 29 16:19:57 2017 Cannot load private key file /etc/openvpn/endaga-client.key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch Fri Sep 29 16:19:57 2017 Error: private key password verification failed Fri Sep 29 16:19:57 2017 Exiting due to fatal error But on web interface, it shows the tower is "Active", and i can access Monitor section and see some data on the statistics. It's not making any sense for me. I've already ran reset-registration but the error messages remains comming even things being seemingly working. Any ideias? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#77 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AA_rn3YdI1UHBOf5bQYzs041kPi27pG6ks5snUZDgaJpZM4O-1UH> .

[9muir]

There are two error messages from OpenVPN that need addressing. Can you run the following commands:

1. openssl x509 -noout -pubkey </etc/openvpn/endaga-client.crt
2. openssl rsa -pubout </etc/openvpn/endaga-client.key
   The public key output should be identical (and please confirm that you don't need to enter a password to decrypt the private key in step 2). If not, please stop the Endaga agent (supervisorctl stop endagad) and run reset-registration again. Verify that /etc/openvpn is empty (except for the CA bundle) before restarting the Endaga agent.