1. Can all the configuration files provided that works in a Window environment work as well in a Linux box?
2. Any installation guide of command-line VPN for Unix?
1. Yes
2. This is what I use:
sudo openvpn --cert "/Path/To/UserName.crt" --config "/Path/To/Config_File.ovpn"
I tried the approach you mentioned, this is the command I typed in (I'm at the same directory where the cert and config file is located):
openvpn --cert JoeChong.crt --config openvpn.conf
I'm getting the following message from the execution results:
Mon Nov 16 21:44:06 2009 OpenVPN 2.1_rc15 powerpc-603e-linux [SSL] [LZO1] built on Feb 23 2009
Mon Nov 16 21:44:06 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Nov 16 21:44:06 2009 WARNING: file 'joechong.key' is group or others accessible
Mon Nov 16 21:44:06 2009 ******* WARNING *******: null cipher specified, no encryption will be used
Mon Nov 16 21:44:06 2009 UDPv4 link local: [undef]
Mon Nov 16 21:44:06 2009 UDPv4 link remote: 212.117.164.177:1194
Mon Nov 16 21:44:11 2009 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=MY/ST=WP/L=KualaLumpur/O=VPNService/OU=CertAuth/CN=VPN-Server/emailAddress=amin.scg@gmail.com
Mon Nov 16 21:44:11 2009 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Mon Nov 16 21:44:11 2009 TLS Error: TLS object -> incoming plaintext read error
Mon Nov 16 21:44:11 2009 TLS Error: TLS handshake failed
Mon Nov 16 21:44:11 2009 SIGUSR1[soft,tls-error] received, process restarting
The error seems to be @
<code>Mon Nov 16 21:44:11 2009 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=MY/ST=WP/L=KualaLumpur/O=VPNService/OU=CertAuth/CN=VPN-Server/emailAddress=amin.scg@gmail.com
Mon Nov 16 21:44:11 2009 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
</code>
But, executing it from Windows is perfectly fine. Is there something missing from the cert part that I need to update?