-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 20/08/12 08:39, Markus Ferlitsch wrote: > I hink you are right. But I also tried to open my ovpn file with > console. Then I didn't get a error but it also not connected - I > think less rights but I opened the console with admin rights. > > Now I use TLS for all connections and the 2.3 alpha runs without > any errors on Windows 7 64-bit (OpenVPN 2.2.2 generated such a lot > of HMAC errors with same config-files)
My crystalball is probably a bit more reliable today ... I just checked the source code quickly, and it certainly looks like - --tls-exit depends on tls-server or tls-client. Or to say it easier, it requires --key, --cert and --ca in the config file. (--server and - --client are kind of macros, which then implies enabling --tls-server or --tls-client, but bot requires --key, --cert and --ca) So if your configuration file does not have --tls-exit explicitly mentioned, it sounds like it's the GUI doing this. I would then probably report it as a GUI bug [1]. kind regards, David Sommerseth [1] <http://sourceforge.net/tracker/?group_id=248281&atid=1327094> > 2012/8/19 Arne Schwabe <a...@rfc2549.org>: >> On 19.08.2012 12:07, Gert Doering wrote: >>> >>> Hi, >>> >>> On Sat, Aug 18, 2012 at 11:21:32PM +0200, Markus Ferlitsch >>> wrote: >>>> >>>> Now with OpenvPN 2.3 alpha the TLS configfile works fine >>>> (none error in logfile) Bu the config-file with only static >>>> secret-file doesn't connect - it's a bug in alpha I think. >>> >>> It's somewhat easier to figure out what's going wrong if we can >>> *see* your config file... >>> >>> My crystal ball is cloudy today. >> >> >> My crystal ball says it is the windows gui which always adds >> --tls-exit to command line options. >> >> Arne > > ------------------------------------------------------------------------------ > > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions will include endpoint security, mobile security and the > latest in malware threats. > http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ Openvpn-devel > mailing list Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAyEQ0ACgkQDC186MBRfrpE/gCcCcwwGNq/WwUbHfYog2LkxB2j BSQAnjPWXgx9RJr0BXR8K4UZb819uyRn =WBl/ -----END PGP SIGNATURE-----
