pivpn: Error using iOS OpenVPN

I’ve successfully installed PiVPN and have generated an ovpn file I would like to use on my phone. I’ve imported the ovpn into OpenVPN 1.0.7 build 199 for iOS successfully.

When I attempt to connect the following error appears: OpenVPN error: PolarSSL: error parsing config private key : PK - Bad input parameters to function.

Can anyone tell me what I’ve done incorrectly?

Thanks, Bob

PiVPN Issue Template

Console output of curl install.pivpn.io | bash

Console output of pivpn add or pivpn add nopass

Console output of pivpn debug

::: Generating Debug Output
:::					:::
::		PiVPN Debug		 ::
:::					:::
::	Latest Commit			 ::
:::					:::
commit 6b406ffb27fad7edaae4fee3e6ccafa523c1ed9f
Author: Kaladin Light <0.kaladin@gmail.com>
Date:   Sun Dec 11 10:04:33 2016 -0500

    Fix type for moving client script
:::					:::
::	Recursive list of files in	 ::
::	/etc/openvpn/easy-rsa/pki	 ::
:::					:::
/etc/openvpn/easy-rsa/pki/:
test.ovpn
ca.crt
Default.txt
dh4096.pem
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
issued
private
serial
serial.old
ta.key

/etc/openvpn/easy-rsa/pki/issued:
test.crt
server.crt

/etc/openvpn/easy-rsa/pki/private:
test.key
ca.key
server.key
:::					:::
::	Output of /etc/pivpn/*		 ::
:::					:::
:: START /etc/pivpn/DET_PLATFORM ::
Raspbian
:: END /etc/pivpn/DET_PLATFORM ::
:: START /etc/pivpn/INSTALL_PORT ::
1194
:: END /etc/pivpn/INSTALL_PORT ::
:: START /etc/pivpn/INSTALL_PROTO ::
udp
:: END /etc/pivpn/INSTALL_PROTO ::
:: START /etc/pivpn/INSTALL_USER ::
pi
:: END /etc/pivpn/INSTALL_USER ::
:: START /etc/pivpn/NO_UFW ::
1
:: END /etc/pivpn/NO_UFW ::
:: START /etc/pivpn/REVOKE_STATUS ::
0
:: END /etc/pivpn/REVOKE_STATUS ::
:::					:::
:: /etc/openvpn/easy-rsa/pki/Default.txt ::
:::					:::
client
dev tun
proto udp
remote (hostname) 1194
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
:::					:::
::	Output of iptables		 ::
:::					:::
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
:::					:::
::	Debug Output Complete		 ::
:::					:::
::: 
::: Debug output completed above.
::: Copy saved to /tmp/debug.txt
:::

Issue

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Comments: 27 (4 by maintainers)

Most upvoted comments

There is some chatter on other groups that some OpenVPN implementations cannot handle client keys that are encrypted with RSA.

If your client key is encrypted, you might try a different client that is unencrypted, or re-encrypting your current client key using 3DES.

openssl rsa -in Client1.key -des3 -out Client1.3des.key

and then replace your old client key with the new client key in your configuration.

+1
fyellin on Jan 5, 2017
Read more comments on GitHub
← pivpn: dhcpcd5 dependency breaks Pi OS Bookworm
pivpn: Install script fails to build the CA certificates →