Why am I getting the OpenVPN handshake error?

1

I'm trying to get my OpenVPN working and I'm getting errors that I don't understand.

My configuration file is as follows:

client
auth-user-pass userpass.data
management 127.0.0.1 5001
management-log-cache 50
dev tun
proto udp
comp-lzo
fast-io
script-security 2
mtu-disc yes
verb 4
mute 5
cipher bf-cbc
auth sha1
tun-mtu 1500
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
log-append /var/log/piavpn.log
ca ca.rsa.4096.crt
status-version 3
daemon
up up.sh
down-pre
down down.sh
remote sweden.privateinternetaccess.com 1194

And the error log reveals the following:

Sun Feb 11 17:35:50 2018 us=595361 Current Parameter Settings:
Sun Feb 11 17:35:50 2018 us=595759   config = '/etc/openvpn/pia.conf'
Sun Feb 11 17:35:50 2018 us=595880   mode = 0
Sun Feb 11 17:35:50 2018 us=595952   persist_config = DISABLED
Sun Feb 11 17:35:50 2018 us=596019   persist_mode = 1
Sun Feb 11 17:35:50 2018 us=596083 NOTE: --mute triggered...
Sun Feb 11 17:35:50 2018 us=596753 271 variation(s) on previous 5 message(s) suppressed by --mute
Sun Feb 11 17:35:50 2018 us=596935 OpenVPN 2.3.10 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on$
Sun Feb 11 17:35:50 2018 us=597053 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Sun Feb 11 17:35:50 2018 us=598601 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:5001
Sun Feb 11 17:35:50 2018 us=599683 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Feb 11 17:35:50 2018 us=603245 LZO compression initialized
Sun Feb 11 17:35:50 2018 us=603839 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sun Feb 11 17:35:50 2018 us=604078 Socket Buffers: R=[514400->514400] S=[514400->514400]
Sun Feb 11 17:35:50 2018 us=674607 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Sun Feb 11 17:35:50 2018 us=674807 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,a$
Sun Feb 11 17:35:50 2018 us=674897 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,ciphe$
Sun Feb 11 17:35:50 2018 us=675028 Local Options hash (VER=V4): '41690919'
Sun Feb 11 17:35:50 2018 us=675124 Expected Remote Options hash (VER=V4): '530fdded'
Sun Feb 11 17:35:50 2018 us=675199 UDPv4 link local: [undef]
Sun Feb 11 17:35:50 2018 us=675474 UDPv4 link remote: [AF_INET]5.157.7.2:1194
Sun Feb 11 17:35:50 2018 us=715018 TLS: Initial packet from [AF_INET]5.157.7.2:1194, sid=343edf17 fa762022
Sun Feb 11 17:35:50 2018 us=715507 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent th$
Sun Feb 11 17:35:50 2018 us=761693 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=$
Sun Feb 11 17:35:50 2018 us=762665 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:$
Sun Feb 11 17:35:50 2018 us=762820 TLS Error: TLS object -> incoming plaintext read error
Sun Feb 11 17:35:50 2018 us=762909 TLS Error: TLS handshake failed
Sun Feb 11 17:35:50 2018 us=763289 TCP/UDP: Closing socket
Sun Feb 11 17:35:50 2018 us=763564 SIGUSR1[soft,tls-error] received, process restarting
Sun Feb 11 17:35:50 2018 us=763686 Restart pause, 2 second(s)
Sun Feb 11 17:35:52 2018 us=765867 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Feb 11 17:35:52 2018 us=766082 Re-using SSL/TLS context
Sun Feb 11 17:35:52 2018 us=766275 LZO compression initialized
Sun Feb 11 17:35:52 2018 us=766595 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sun Feb 11 17:35:52 2018 us=766764 Socket Buffers: R=[514400->514400] S=[514400->514400]
Sun Feb 11 17:35:52 2018 us=831005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Sun Feb 11 17:35:52 2018 us=831181 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,a$
Sun Feb 11 17:35:52 2018 us=831253 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,ciphe$
Sun Feb 11 17:35:52 2018 us=831354 Local Options hash (VER=V4): '41690919'
Sun Feb 11 17:35:52 2018 us=831457 Expected Remote Options hash (VER=V4): '530fdded'
Sun Feb 11 17:35:52 2018 us=831536 UDPv4 link local: [undef]
Sun Feb 11 17:35:52 2018 us=831664 UDPv4 link remote: [AF_INET]91.108.183.74:1194
Sun Feb 11 17:35:52 2018 us=871090 TLS: Initial packet from [AF_INET]91.108.183.74:1194, sid=42f64ed4 7d9b0b45
Sun Feb 11 17:35:52 2018 us=920373 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=$
Sun Feb 11 17:35:52 2018 us=920728 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:$
Sun Feb 11 17:35:52 2018 us=920813 TLS Error: TLS object -> incoming plaintext read error
Sun Feb 11 17:35:52 2018 us=920892 TLS Error: TLS handshake failed
Sun Feb 11 17:35:52 2018 us=921306 TCP/UDP: Closing socket
Sun Feb 11 17:35:52 2018 us=921538 SIGUSR1[soft,tls-error] received, process restarting
Sun Feb 11 17:35:52 2018 us=921678 Restart pause, 2 second(s)
Sun Feb 11 17:35:53 2018 us=277634 SIGTERM[hard,init_instance] received, process exiting

I'm not sure where the problem is. I did some research that tends to point the error at the certificate; however, I didn't create any certificate and used the one provided in PIA's zip files.

Any help in resolving why this doesn't work would be appreciated.

I'm using Ubuntu 16.04.03 on an Odroid device.

Thanks

by cosmarchy 11.02.2018 / 19:01

1 answer

0

You probably have a misconfigured certificate, ca.crt; the fact that you received it from upstream in no way implies that it cannot have been broken.

To diagnose this: note the error message

VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=$

run the following command:

openssl x509 -subject -issuer -noout -in ca.crt

on the copy of ca.crt in your possession. In the output, the C = US, ... fields must match those in the error messages precisely. For example, you must not have Ohio instead of OH, and so on.

If the two outputs do in fact differ, you will have to write to customer support and ask them to send you a proper ca.crt certificate.

by 15.02.2018 / 11:26
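The field-by-field comparison the answer describes, as an added example that is not part of the original post: it pulls the DN out of a VERIFY ERROR log line and normalises both it and the output of the answer's openssl x509 -subject command, so the two can be compared whichever OpenSSL output style you get (1.0.x "subject= /C=US/..." or 1.1+ "subject=C = US, ..."). The log line, certificate subjects and file names below are constructed samples, not values from the post.

```shell
#!/bin/sh
# Constructed sample inputs (not taken from the post's log): one VERIFY ERROR
# line, a CA subject that matches it, and one where ST is spelled out.
SAMPLE_LOG_LINE='Sun Feb 11 17:35:50 2018 us=761693 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Example VPN CA'
SAMPLE_CERT_SUBJECT_OK='subject=C = US, ST = OH, L = Columbus, O = Example VPN CA'
SAMPLE_CERT_SUBJECT_BAD='subject= /C=US/ST=Ohio/L=Columbus/O=Example VPN CA'

# Extract the DN that follows "error=<message>: " in a VERIFY ERROR line.
dn_from_verify_error() {
    printf '%s\n' "$1" | sed -n 's/.*error=[^:]*: *//p'
}

# Normalise a DN to one sorted "KEY=VALUE" per line, accepting the OpenVPN
# log form ("C=US, ST=OH, ..."), the OpenSSL 1.1+ form ("subject=C = US, ...")
# and the OpenSSL 1.0.x form ("subject= /C=US/ST=OH/...").
dn_normalize() {
    printf '%s\n' "$1" \
      | sed -e 's/^subject= *//' -e 's/^issuer= *//' \
            -e 's#^/##' -e 's#/#,#g' -e 's/ *= */=/g' \
      | tr ',' '\n' \
      | sed -e 's/^ *//' -e 's/ *$//' -e '/^$/d' \
      | sort
}

# Print "match" and return 0 when both DNs agree field by field; otherwise
# list the fields present on only one side and return 1.
dn_compare() {
    log_dn=$(dn_normalize "$1")
    cert_dn=$(dn_normalize "$2")
    if [ "$log_dn" = "$cert_dn" ]; then
        echo "match"
        return 0
    fi
    a=$(mktemp); b=$(mktemp)
    printf '%s\n' "$log_dn" > "$a"
    printf '%s\n' "$cert_dn" > "$b"
    echo "mismatch:"
    comm -3 "$a" "$b" | awk -F'\t' '{ if ($1 != "") print "  log only:  " $1; else print "  cert only: " $2 }'
    rm -f "$a" "$b"
    return 1
}

# Usage with real files: sh dncheck.sh /var/log/piavpn.log ca.rsa.4096.crt
# (runs the answer's openssl command and compares with the last VERIFY ERROR).
if [ "$#" -eq 2 ]; then
    last_err=$(grep 'VERIFY ERROR' "$1" | tail -n 1)
    dn_compare "$(dn_from_verify_error "$last_err")" \
               "$(openssl x509 -subject -noout -in "$2")"
fi
```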