Closed i-am-nut closed 6 years ago
The OpenVPN error message states that the client's private key does not correspond to the public key that was used in the certificate signing request. Try running the reset_registration
script, which will reset the client registration process.
Nice, on "Towers" section now shows it's "Active" :)
But when i click to Monitor the tower it says:
Warning! This tower is running old software that is not sending telemetry data to our main servers. Please contact support if you have questions or would like to upgrade your towers.
Is it because there's no radio connected to the client VM or am i really missing something else?
Probably due to no radio being connected, but it may indicate that the client application has terminated.
On Aug 23, 2017, at 9:14 AM, Emerson Junior notifications@github.com wrote:
Nice, on "Towers" section now shows it's "Active" :)
But when i click to Monitor the tower it says:
Warning! This tower is running old software that is not sending telemetry data to our main servers. Please contact support if you have questions or would like to upgrade your towers.
Is it because there's no radio connected to the client VM or am i really missing something else?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/facebookincubator/CommunityCellularManager/issues/77#issuecomment-324326640, or mute the thread https://github.com/notifications/unsubscribe-auth/ABIDPIWMUgbDH3_-ZQtBDx9Jj-yZxqaMks5sbCWsgaJpZM4O-1UH.
@9muir I'm reopening this issue cause the error message is the same, but the behavior caused is really unexpected.
Basically on web interface, it shows the tower is "Active", and i can access Monitor section and see some data on the statistics.
But weirdly i'm still having the following /var/log/openvpn.log
below:
Fri Sep 29 16:19:57 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 26 2017
Fri Sep 29 16:19:57 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
Fri Sep 29 16:19:57 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Sep 29 16:19:57 2017 Cannot load private key file /etc/openvpn/endaga-client.key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Fri Sep 29 16:19:57 2017 Error: private key password verification failed
Fri Sep 29 16:19:57 2017 Exiting due to fatal error
It's not making any sense for me. I've already ran reset-registration
but the error messages remains comming even things being seemingly working.
I though if things were working properly there shoudn't have been these kind of error messages still showing.
Any ideias?
The endaga package includes a certificate, you may have overwritten the correct one with an incorrect one. The cert is definitely no good anymore and the client seems more likely to change than the cloud.
On Fri, Sep 29, 2017 at 12:34 PM, Emerson Junior notifications@github.com wrote:
@9muir https://github.com/9muir I'm reopening this issue cause the erros is the same, but the behavior caused is really unexpected.
Basically i'm having the following /var/log/openvpn.log below:
Fri Sep 29 16:19:57 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 26 2017 Fri Sep 29 16:19:57 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08 Fri Sep 29 16:19:57 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Sep 29 16:19:57 2017 Cannot load private key file /etc/openvpn/endaga-client.key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch Fri Sep 29 16:19:57 2017 Error: private key password verification failed Fri Sep 29 16:19:57 2017 Exiting due to fatal error
But on web interface, it shows the tower is "Active", and i can access Monitor section and see some data on the statistics.
It's not making any sense for me. I've already ran reset-registration but the error messages remains comming even things being seemingly working.
Any ideias?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/facebookincubator/CommunityCellularManager/issues/77#issuecomment-333218700, or mute the thread https://github.com/notifications/unsubscribe-auth/AA_rn3YdI1UHBOf5bQYzs041kPi27pG6ks5snUZDgaJpZM4O-1UH .
There are two error messages from OpenVPN that need addressing. Can you run the following commands:
1) openssl x509 -noout -pubkey </etc/openvpn/endaga-client.crt
2) openssl rsa -pubout </etc/openvpn/endaga-client.key
The public key output should be identical (and please confirm that you don't need to enter a password to decrypt the private key in step 2). If not, please stop the Endaga agent (supervisorctl stop endagad
) and run reset-registration
again. Verify that /etc/openvpn
is empty (except for the CA bundle) before restarting the Endaga agent.
That's the openvpn.log
And that's the endagad.log
I've already ensured
etage-bundle.crt
is the same in client and cert. But can't solve it at all