Hi! When I start OpenVPN as a deamon from command line like this: `sudo OPENSSL_ENABLE_MD5_VERIFY=1 openvpn --daemon --config /etc/openvpn/xxx.conf` the tunnel comes up with no problem. However, when I start it as a systemd service I get this error:
Mar 23 21:59:40 demon openvpn[10065]: VERIFY OK: depth=2, C=PL, L=Warszawa, O=xxx, OU=xxx CA, CN=xxx Root CA Mar 23 21:59:40 demon openvpn[10065]: VERIFY ERROR: depth=1, error=certificate signature failure: C=PL, O=xxx, OU=xxx CA, CN=xxx VPN CA I've been getting the same error when starting OpenVPN as a deamon from command line before I added "OPENSSL_ENABLE_MD5_VERIFY=1". That's why I thought the reason for error is that when starting OpenVPN as a systemd service OPENSSL_ENABLE_MD5_VERIFY does not get set. However I verified it gets set by adding "ExecStartPre=/usr/bin/env" to the service template file. Please help. Regards, Piotr Dobrogost Below is content of relevant files: ====== /usr/lib/systemd/system/openvpn@.service [Unit] Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I After=network.target [Service] PrivateTmp=true Type=forking PIDFile=/var/run/openvpn/%i.pid ExecStartPre=/usr/bin/env ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf [Install] WantedBy=multi-user.target ====== /etc/systemd/system/openvpn <at> xxx.service.d/env.conf [Service] Environment=OPENSSL_ENABLE_MD5_VERIFY=1 Thanky you in advance. Regards, Piotr Dobrogost _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
