[SOLVED][2.4.5]OpenVPN\Certificate Creation SSL Errors
-
The CN is always added as a SAN no matter what you put in the SAN list.
-
valid point :) But I just don't see why you would use single label like that..
OH - didn't notice this is a user cert, not a server cert.
I just created a user cert with those values as well - no problems on 2.4.5
-
@jimp said in [2.4.5]OpenVPN\Certificate Creation SSL Errors:
/etc/inc/globals.inc
I didn't modify anything manually (Since I remember I didn't do that but it could be). This is my sha256.#sha256 /etc/inc/globals.inc SHA256 (/etc/inc/globals.inc) = 2563166d23fef463d3a4a47571726aff0a3de98ceb38c55ec520eb3ca901101c
I think that it happens when I update to 2.4.5 but I was like various months without create new certificates so I dunno when happen.
-
That is different than mine
[2.4.5-RELEASE][admin@sg4860.local.lan]/: sha256 /etc/inc/globals.inc SHA256 (/etc/inc/globals.inc) = 93cd34ef3e9cc2e00e86888dadb1275cda9e7b5874539405ee726c0a4262e020
-
That looks right, too.
Still odd that it makes a CA but not a cert since the code is pretty much the same on the backend.
Do you have more than one firewall? Can you replicate it anywhere else?
-
His matches mine (which is CE on the one I checked):
: sha256 /etc/inc/globals.inc SHA256 (/etc/inc/globals.inc) = 2563166d23fef463d3a4a47571726aff0a3de98ceb38c55ec520eb3ca901101c
Factory (Netgate hardware) would differ slightly.
-
Yeah mine is a factory, on a 4860
-
Also if you get a chance to reboot it, watch the console and system logs for errors there.
-
@jimp I have just one firewall.
This is my log, I don't see anything weird.Apr 2 21:02:00 pfsense syslogd: kernel boot file is /boot/kernel/kernel Apr 2 21:02:00 pfsense kernel: Copyright (c) 1992-2020 The FreeBSD Project. Apr 2 21:02:00 pfsense kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Apr 2 21:02:00 pfsense kernel: The Regents of the University of California. All rights reserved. Apr 2 21:02:00 pfsense kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. Apr 2 21:02:00 pfsense kernel: FreeBSD 11.3-STABLE #236 21cbb70bbd1(RELENG_2_4_5): Tue Mar 24 15:26:53 EDT 2020 Apr 2 21:02:00 pfsense kernel: root@buildbot1-nyi.netgate.com:/build/ce-crossbuild-245/obj/amd64/YNx4Qq3j/build/ce-crossbuild-245/sources/FreeBSD-src/sys/pfSense amd64 Apr 2 21:02:00 pfsense kernel: FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1) Apr 2 21:02:00 pfsense kernel: VT(vga): resolution 640x480 Apr 2 21:02:00 pfsense kernel: CPU: AMD GX-412TC SOC (998.15-MHz K8-class CPU) Apr 2 21:02:00 pfsense kernel: Origin="AuthenticAMD" Id=0x730f01 Family=0x16 Model=0x30 Stepping=1 Apr 2 21:02:00 pfsense kernel: Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT> Apr 2 21:02:00 pfsense kernel: Features2=0x3ed8220b<SSE3,PCLMULQDQ,MON,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AESNI,XSAVE,OSXSAVE,AVX,F16C> Apr 2 21:02:00 pfsense kernel: AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM> Apr 2 21:02:00 pfsense kernel: AMD Features2=0x1d4037ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,OSVW,IBS,SKINIT,WDT,Topology,PNXC,DBE,PTSC,PL2I> Apr 2 21:02:00 pfsense kernel: Structured Extended Features=0x8<BMI1> Apr 2 21:02:00 pfsense kernel: XSAVE Features=0x1<XSAVEOPT> Apr 2 21:02:00 pfsense kernel: SVM: NP,NRIP,AFlush,DAssist,NAsids=8 Apr 2 21:02:00 pfsense kernel: TSC: P-state invariant, performance statistics Apr 2 21:02:00 pfsense kernel: real memory = 4815060992 (4592 MB) Apr 2 21:02:00 pfsense kernel: avail memory = 4069310464 (3880 MB) Apr 2 21:02:00 pfsense kernel: Event timer "LAPIC" quality 600 Apr 2 21:02:00 pfsense kernel: ACPI APIC Table: <CORE COREBOOT> Apr 2 21:02:00 pfsense kernel: FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs Apr 2 21:02:00 pfsense kernel: FreeBSD/SMP: 1 package(s) x 4 core(s) Apr 2 21:02:00 pfsense kernel: ioapic1: Changing APIC ID to 5 Apr 2 21:02:00 pfsense kernel: ioapic0 <Version 2.1> irqs 0-23 on motherboard Apr 2 21:02:00 pfsense kernel: ioapic1 <Version 2.1> irqs 24-55 on motherboard Apr 2 21:02:00 pfsense kernel: SMP: AP CPU #3 Launched! Apr 2 21:02:00 pfsense kernel: SMP: AP CPU #1 Launched! Apr 2 21:02:00 pfsense kernel: SMP: AP CPU #2 Launched! Apr 2 21:02:00 pfsense kernel: Timecounter "TSC" frequency 998147829 Hz quality 1000 Apr 2 21:02:00 pfsense kernel: ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Apr 2 21:02:00 pfsense kernel: ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff806a1f20, 0) error 1 Apr 2 21:02:00 pfsense kernel: ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Apr 2 21:02:00 pfsense kernel: ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff806a1fd0, 0) error 1 Apr 2 21:02:00 pfsense kernel: random: entropy device external interface Apr 2 21:02:00 pfsense kernel: ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Apr 2 21:02:00 pfsense kernel: ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff806a2080, 0) error 1 Apr 2 21:02:00 pfsense kernel: iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Apr 2 21:02:00 pfsense kernel: iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff806c9140, 0) error 1 Apr 2 21:02:00 pfsense kernel: iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Apr 2 21:02:00 pfsense kernel: iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff806c91f0, 0) error 1 Apr 2 21:02:00 pfsense kernel: iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Apr 2 21:02:00 pfsense kernel: iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff806c92a0, 0) error 1 Apr 2 21:02:00 pfsense kernel: wlan: mac acl policy registered Apr 2 21:02:00 pfsense kernel: kbd0 at kbdmux0 Apr 2 21:02:00 pfsense kernel: 000.000022 [4213] netmap_init netmap: loaded module Apr 2 21:02:00 pfsense kernel: module_register_init: MOD_LOAD (vesa, 0xffffffff812c9960, 0) error 19 Apr 2 21:02:00 pfsense kernel: mlx5en: Mellanox Ethernet driver 3.5.2 (September 2019) Apr 2 21:02:00 pfsense kernel: nexus0 Apr 2 21:02:00 pfsense kernel: vtvga0: <VT VGA driver> on motherboard Apr 2 21:02:00 pfsense kernel: cryptosoft0: <software crypto> on motherboard Apr 2 21:02:00 pfsense kernel: padlock0: No ACE support. Apr 2 21:02:00 pfsense kernel: acpi0: <CORE COREBOOT> on motherboard Apr 2 21:02:00 pfsense kernel: acpi0: Power Button (fixed) Apr 2 21:02:00 pfsense kernel: cpu0: <ACPI CPU> on acpi0 Apr 2 21:02:00 pfsense kernel: cpu1: <ACPI CPU> on acpi0 Apr 2 21:02:00 pfsense kernel: cpu2: <ACPI CPU> on acpi0 Apr 2 21:02:00 pfsense kernel: cpu3: <ACPI CPU> on acpi0 Apr 2 21:02:00 pfsense kernel: atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0 Apr 2 21:02:00 pfsense kernel: atrtc0: registered as a time-of-day clock, resolution 1.000000s Apr 2 21:02:00 pfsense kernel: Event timer "RTC" frequency 32768 Hz quality 0 Apr 2 21:02:00 pfsense kernel: attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0 Apr 2 21:02:00 pfsense kernel: Timecounter "i8254" frequency 1193182 Hz quality 0 Apr 2 21:02:00 pfsense kernel: Event timer "i8254" frequency 1193182 Hz quality 100 Apr 2 21:02:00 pfsense kernel: Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 Apr 2 21:02:00 pfsense kernel: acpi_timer0: <32-bit timer at 3.579545MHz> port 0x818-0x81b on acpi0 Apr 2 21:02:00 pfsense kernel: hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0 Apr 2 21:02:00 pfsense kernel: Timecounter "HPET" frequency 14318180 Hz quality 950 Apr 2 21:02:00 pfsense kernel: acpi_button0: <Power Button> on acpi0 Apr 2 21:02:00 pfsense kernel: pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 Apr 2 21:02:00 pfsense kernel: pci0: <ACPI PCI bus> on pcib0 Apr 2 21:02:00 pfsense kernel: pcib1: <ACPI PCI-PCI bridge> at device 2.2 on pci0 Apr 2 21:02:00 pfsense kernel: pcib1: failed to allocate initial I/O port window: 0x1000-0x1fff Apr 2 21:02:00 pfsense kernel: pci1: <ACPI PCI bus> on pcib1 Apr 2 21:02:00 pfsense kernel: igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> mem 0xfe500000-0xfe51ffff,0xfe520000-0xfe523fff at device 0.0 on pci1 Apr 2 21:02:00 pfsense kernel: igb0: Using MSIX interrupts with 5 vectors Apr 2 21:02:00 pfsense kernel: igb0: Ethernet address: 00:0d:b9:45:e1:b0 Apr 2 21:02:00 pfsense kernel: igb0: Bound queue 0 to cpu 0 Apr 2 21:02:00 pfsense kernel: igb0: Bound queue 1 to cpu 1 Apr 2 21:02:00 pfsense kernel: igb0: Bound queue 2 to cpu 2 Apr 2 21:02:00 pfsense kernel: igb0: Bound queue 3 to cpu 3 Apr 2 21:02:00 pfsense kernel: igb0: netmap queues/slots: TX 4/1024, RX 4/1024 Apr 2 21:02:00 pfsense kernel: pcib2: <ACPI PCI-PCI bridge> at device 2.3 on pci0 Apr 2 21:02:00 pfsense kernel: pci2: <ACPI PCI bus> on pcib2 Apr 2 21:02:00 pfsense kernel: igb1: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0x2000-0x201f mem 0xfe600000-0xfe61ffff,0xfe620000-0xfe623fff at device 0.0 on pci2 Apr 2 21:02:00 pfsense kernel: igb1: Using MSIX interrupts with 5 vectors Apr 2 21:02:00 pfsense kernel: igb1: Ethernet address: 00:0d:b9:45:e1:b1 Apr 2 21:02:00 pfsense kernel: igb1: Bound queue 0 to cpu 0 Apr 2 21:02:00 pfsense kernel: igb1: Bound queue 1 to cpu 1 Apr 2 21:02:00 pfsense kernel: igb1: Bound queue 2 to cpu 2 Apr 2 21:02:00 pfsense kernel: igb1: Bound queue 3 to cpu 3 Apr 2 21:02:00 pfsense kernel: igb1: netmap queues/slots: TX 4/1024, RX 4/1024 Apr 2 21:02:00 pfsense kernel: pcib3: <ACPI PCI-PCI bridge> at device 2.4 on pci0 Apr 2 21:02:00 pfsense kernel: pci3: <ACPI PCI bus> on pcib3 Apr 2 21:02:00 pfsense kernel: igb2: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0x3000-0x301f mem 0xfe700000-0xfe71ffff,0xfe720000-0xfe723fff at device 0.0 on pci3 Apr 2 21:02:00 pfsense kernel: igb2: Using MSIX interrupts with 5 vectors Apr 2 21:02:00 pfsense kernel: igb2: Ethernet address: 00:0d:b9:45:e1:b2 Apr 2 21:02:00 pfsense kernel: igb2: Bound queue 0 to cpu 0 Apr 2 21:02:00 pfsense kernel: igb2: Bound queue 1 to cpu 1 Apr 2 21:02:00 pfsense kernel: igb2: Bound queue 2 to cpu 2 Apr 2 21:02:00 pfsense kernel: igb2: Bound queue 3 to cpu 3 Apr 2 21:02:00 pfsense kernel: igb2: netmap queues/slots: TX 4/1024, RX 4/1024 Apr 2 21:02:00 pfsense kernel: pcib4: <ACPI PCI-PCI bridge> at device 2.5 on pci0 Apr 2 21:02:00 pfsense kernel: pci4: <ACPI PCI bus> on pcib4 Apr 2 21:02:00 pfsense kernel: ath0: <Atheros 9280> mem 0xfe800000-0xfe80ffff at device 0.0 on pci4 Apr 2 21:02:00 pfsense kernel: [ath] enabling AN_TOP2_FIXUP Apr 2 21:02:00 pfsense kernel: ath0: [HT] enabling HT modes Apr 2 21:02:00 pfsense kernel: ath0: [HT] 1 stream STBC receive enabled Apr 2 21:02:00 pfsense kernel: ath0: [HT] 1 stream STBC transmit enabled Apr 2 21:02:00 pfsense kernel: ath0: [HT] 2 RX streams; 2 TX streams Apr 2 21:02:00 pfsense kernel: ath0: AR9280 mac 128.2 RF5133 phy 13.0 Apr 2 21:02:00 pfsense kernel: ath0: 2GHz radio: 0x0000; 5GHz radio: 0x00c0 Apr 2 21:02:00 pfsense kernel: pci0: <encrypt/decrypt> at device 8.0 (no driver attached) Apr 2 21:02:00 pfsense kernel: xhci0: <AMD FCH USB 3.0 controller> mem 0xfeb22000-0xfeb23fff at device 16.0 on pci0 Apr 2 21:02:00 pfsense kernel: xhci0: 32 bytes context size, 64-bit DMA Apr 2 21:02:00 pfsense kernel: xhci0: Unable to map MSI-X table Apr 2 21:02:00 pfsense kernel: usbus0 on xhci0 Apr 2 21:02:00 pfsense kernel: usbus0: 5.0Gbps Super Speed USB v3.0 Apr 2 21:02:00 pfsense kernel: ahci0: <AMD Hudson-2 AHCI SATA controller> port 0x4010-0x4017,0x4020-0x4023,0x4018-0x401f,0x4024-0x4027,0x4000-0x400f mem 0xfeb25000-0xfeb253ff at device 17.0 on pci0 Apr 2 21:02:00 pfsense kernel: ahci0: AHCI v1.30 with 2 6Gbps ports, Port Multiplier supported with FBS Apr 2 21:02:00 pfsense kernel: ahcich0: <AHCI channel> at channel 0 on ahci0 Apr 2 21:02:00 pfsense kernel: ahcich1: <AHCI channel> at channel 1 on ahci0 Apr 2 21:02:00 pfsense kernel: ehci0: <AMD FCH USB 2.0 controller> mem 0xfeb25400-0xfeb254ff at device 19.0 on pci0 Apr 2 21:02:00 pfsense kernel: usbus1: EHCI version 1.0 Apr 2 21:02:00 pfsense kernel: usbus1 on ehci0 Apr 2 21:02:00 pfsense kernel: usbus1: 480Mbps High Speed USB v2.0 Apr 2 21:02:00 pfsense kernel: isab0: <PCI-ISA bridge> at device 20.3 on pci0 Apr 2 21:02:00 pfsense kernel: isa0: <ISA bus> on isab0 Apr 2 21:02:00 pfsense kernel: sdhci_pci0: <Generic SD HCI> mem 0xfeb25500-0xfeb255ff at device 20.7 on pci0 Apr 2 21:02:00 pfsense kernel: sdhci_pci0: 1 slot(s) allocated Apr 2 21:02:00 pfsense kernel: uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Apr 2 21:02:00 pfsense kernel: uart0: console (115200,n,8,1) Apr 2 21:02:00 pfsense kernel: orm0: <ISA Option ROMs> at iomem 0xc0000-0xc0fff,0xef000-0xeffff on isa0 Apr 2 21:02:00 pfsense kernel: ppc0: cannot reserve I/O port range Apr 2 21:02:00 pfsense kernel: uart1: <16550 or compatible> at port 0x2f8 irq 3 on isa0 Apr 2 21:02:00 pfsense kernel: hwpstate0: <Cool`n'Quiet 2.0> on cpu0 Apr 2 21:02:00 pfsense kernel: Timecounters tick every 1.000 msec Apr 2 21:02:00 pfsense kernel: ugen1.1: <AMD EHCI root HUB> at usbus1 Apr 2 21:02:00 pfsense kernel: ugen0.1: <0x1022 XHCI root HUB> at usbus0 Apr 2 21:02:00 pfsense kernel: uhub0: <AMD EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1 Apr 2 21:02:00 pfsense kernel: uhub1: <0x1022 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0 Apr 2 21:02:00 pfsense kernel: uhub1: 4 ports with 4 removable, self powered Apr 2 21:02:00 pfsense kernel: uhub0: 2 ports with 2 removable, self powered Apr 2 21:02:00 pfsense kernel: ugen1.2: <vendor 0x0438 product 0x7900> at usbus1 Apr 2 21:02:00 pfsense kernel: uhub2 on uhub0 Apr 2 21:02:00 pfsense kernel: uhub2: <vendor 0x0438 product 0x7900, class 9/0, rev 2.00/0.18, addr 2> on usbus1 Apr 2 21:02:00 pfsense kernel: uhub2: 4 ports with 4 removable, self powered Apr 2 21:02:00 pfsense kernel: ada0 at ahcich0 bus 0 scbus0 target 0 lun 0 Apr 2 21:02:00 pfsense kernel: ada0: <KINGSTON SMS200S360G 60AABBF0> ATA8-ACS SATA 3.x device Apr 2 21:02:00 pfsense kernel: ada0: Serial Number 50026B726C01BA4E Apr 2 21:02:00 pfsense kernel: ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 512bytes) Apr 2 21:02:00 pfsense kernel: ada0: Command Queueing enabled Apr 2 21:02:00 pfsense kernel: ada0: 57241MB (117231408 512 byte sectors) Apr 2 21:02:00 pfsense kernel: Trying to mount root from ufs:/dev/ufsid/56dcd2f0ead8d48f [rw]... Apr 2 21:02:00 pfsense kernel: random: unblocking device. Apr 2 21:02:00 pfsense kernel: CPU: AMD GX-412TC SOC (998.15-MHz K8-class CPU) Apr 2 21:02:00 pfsense kernel: Origin="AuthenticAMD" Id=0x730f01 Family=0x16 Model=0x30 Stepping=1 Apr 2 21:02:00 pfsense kernel: Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT> Apr 2 21:02:00 pfsense kernel: Features2=0x3ed8220b<SSE3,PCLMULQDQ,MON,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AESNI,XSAVE,OSXSAVE,AVX,F16C> Apr 2 21:02:00 pfsense kernel: AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM> Apr 2 21:02:00 pfsense kernel: AMD Features2=0x1d4037ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,OSVW,IBS,SKINIT,WDT,Topology,PNXC,DBE,PTSC,PL2I> Apr 2 21:02:00 pfsense kernel: Structured Extended Features=0x8<BMI1> Apr 2 21:02:00 pfsense kernel: XSAVE Features=0x1<XSAVEOPT> Apr 2 21:02:00 pfsense kernel: SVM: NP,NRIP,AFlush,DAssist,NAsids=8 Apr 2 21:02:00 pfsense kernel: TSC: P-state invariant, performance statistics Apr 2 21:02:00 pfsense kernel: padlock0: No ACE support. Apr 2 21:02:00 pfsense kernel: aesni0: <AES-CBC,AES-XTS,AES-GCM,AES-ICM> on motherboard Apr 2 21:02:00 pfsense kernel: amdtemp0: <AMD CPU On-Die Thermal Sensors> on hostb5 Apr 2 21:02:00 pfsense kernel: lo0: link state changed to UP Apr 2 21:02:00 pfsense kernel: wlan0: Ethernet address: 04:f0:21:2e:5d:50 Apr 2 21:02:00 pfsense php-cgi: rc.bootup: Cloning new wireless interface ath0_wlan1 Apr 2 21:02:00 pfsense kernel: wlan0: changing name to 'ath0_wlan0' Apr 2 21:02:00 pfsense php-cgi: rc.bootup: Cloning new wireless interface ath0_wlan2 Apr 2 21:02:00 pfsense kernel: wlan1: Ethernet address: 06:f0:21:2e:5d:50 Apr 2 21:02:00 pfsense kernel: wlan1: changing name to 'ath0_wlan1' Apr 2 21:02:00 pfsense php-cgi: rc.bootup: Cloning new wireless interface ath0_wlan3 Apr 2 21:02:00 pfsense kernel: wlan2: Ethernet address: 0e:f0:21:2e:5d:50 Apr 2 21:02:00 pfsense kernel: wlan2: changing name to 'ath0_wlan2' Apr 2 21:02:00 pfsense kernel: wlan3: Ethernet address: 0e:f0:21:2e:5d:50 Apr 2 21:02:00 pfsense kernel: wlan3: changing name to 'ath0_wlan3' Apr 2 21:02:00 pfsense kernel: Apr 2 21:02:00 pfsense kernel: vlan0: changing name to 'igb0.20' Apr 2 21:02:01 pfsense sshd[14507]: Server listening on :: port 22. Apr 2 21:02:01 pfsense sshd[14507]: Server listening on 0.0.0.0 port 22. Apr 2 21:02:04 pfsense kernel: igb0: link state changed to UP Apr 2 21:02:04 pfsense kernel: igb0.20: link state changed to UP Apr 2 21:02:04 pfsense check_reload_status: Linkup starting igb0 Apr 2 21:02:04 pfsense check_reload_status: Linkup starting igb0.20 Apr 2 21:02:07 pfsense check_reload_status: rc.newwanip starting igb0.20 Apr 2 21:02:07 pfsense kernel: vlan1: changing name to 'igb0.832' Apr 2 21:02:08 pfsense php-fpm[395]: /rc.newwanip: rc.newwanip: Info: starting on igb0.20. Apr 2 21:02:08 pfsense php-fpm[395]: /rc.newwanip: rc.newwanip: on (IP address: 0.0.0.0) (interface: WAN[wan]) (real interface: igb0.20). Apr 2 21:02:08 pfsense php-fpm[395]: /rc.newwanip: rc.newwanip: Failed to update wan IP, restarting... Apr 2 21:02:08 pfsense check_reload_status: Configuring interface wan Apr 2 21:02:08 pfsense check_reload_status: rc.newwanip starting igb0.20 Apr 2 21:02:08 pfsense kernel: done. Apr 2 21:02:09 pfsense kernel: done. Apr 2 21:02:09 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: Info: starting on igb0.20. Apr 2 21:02:09 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: on (IP address: 90.74.232.209) (interface: WAN[wan]) (real interface: igb0.20). Apr 2 21:02:09 pfsense php-fpm[396]: /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 90.74.239.254 Apr 2 21:02:10 pfsense kernel: done. Apr 2 21:02:10 pfsense kernel: bridge0: Ethernet address: 02:0c:6d:eb:8d:00 Apr 2 21:02:10 pfsense php-cgi: rc.bootup: Resyncing OpenVPN instances. Apr 2 21:02:10 pfsense kernel: igb2: promiscuous mode enabled Apr 2 21:02:10 pfsense kernel: bridge0: link state changed to UP Apr 2 21:02:10 pfsense kernel: ath0_wlan0: promiscuous mode enabled Apr 2 21:02:10 pfsense kernel: Apr 2 21:02:10 pfsense kernel: tun1: changing name to 'ovpns1' Apr 2 21:02:10 pfsense check_reload_status: rc.newwanip starting igb0.20 Apr 2 21:02:10 pfsense kernel: ovpns1: link state changed to UP Apr 2 21:02:10 pfsense kernel: tun2: changing name to 'ovpns2' Apr 2 21:02:10 pfsense check_reload_status: rc.newwanip starting ovpns1 Apr 2 21:02:11 pfsense kernel: ovpns2: link state changed to UP Apr 2 21:02:11 pfsense check_reload_status: rc.newwanip starting ovpns2 Apr 2 21:02:11 pfsense kernel: pflog0: promiscuous mode enabled Apr 2 21:02:11 pfsense kernel: . Apr 2 21:02:11 pfsense php-fpm[395]: /rc.newwanip: rc.newwanip: Info: starting on igb0.20. Apr 2 21:02:11 pfsense kernel: Apr 2 21:02:11 pfsense kernel: DUMMYNET 0 with IPv6 initialized (100409) Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched FIFO loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched QFQ loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched RR loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched WF2Q+ loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched PRIO loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched FQ_CODEL loaded Apr 2 21:02:11 pfsense kernel: load_dn_sched dn_sched FQ_PIE loaded Apr 2 21:02:11 pfsense kernel: load_dn_aqm dn_aqm CODEL loaded Apr 2 21:02:11 pfsense kernel: load_dn_aqm dn_aqm PIE loaded Apr 2 21:02:11 pfsense php-fpm[395]: /rc.newwanip: rc.newwanip: on (IP address: 90.74.232.209) (interface: WAN[wan]) (real interface: igb0.20). Apr 2 21:02:11 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: Info: starting on ovpns1. Apr 2 21:02:11 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: on (IP address: 10.0.76.1) (interface: []) (real interface: ovpns1). Apr 2 21:02:11 pfsense php-fpm[395]: /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 90.74.239.254 Apr 2 21:02:12 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: Info: starting on ovpns2. Apr 2 21:02:12 pfsense php-fpm[396]: /rc.newwanip: rc.newwanip: on (IP address: 10.0.1.1) (interface: []) (real interface: ovpns2). Apr 2 21:02:13 pfsense kernel: igb1: link state changed to UP Apr 2 21:02:13 pfsense check_reload_status: Linkup starting igb1 Apr 2 21:02:13 pfsense php-cgi: rc.bootup: Removing static route for monitor 8.8.8.8 and adding a new route through 90.74.239.254 Apr 2 21:02:13 pfsense kernel: done. Apr 2 21:02:14 pfsense kernel: Apr 2 21:02:14 pfsense kernel: igb2: link state changed to UP Apr 2 21:02:14 pfsense check_reload_status: Linkup starting igb2 Apr 2 21:02:14 pfsense php-cgi: rc.bootup: Default gateway setting Interface WAN_DHCP Gateway as default. Apr 2 21:02:14 pfsense php-cgi: rc.bootup: Gateway, none 'available' for inet6, use the first one configured. '' Apr 2 21:02:24 pfsense php-cgi: rc.bootup: sync unbound done. Apr 2 21:02:24 pfsense kernel: done. Apr 2 21:02:24 pfsense kernel: pw: group `wheel' does not exist Apr 2 21:02:25 pfsense kernel: done. Apr 2 21:02:25 pfsense kernel: done. Apr 2 21:02:25 pfsense php-cgi: rc.bootup: NTPD is starting up. Apr 2 21:02:26 pfsense kernel: done. Apr 2 21:02:26 pfsense dhcpleases: kqueue error: unknown Apr 2 21:02:26 pfsense check_reload_status: Updating all dyndns Apr 2 21:02:26 pfsense kernel: . Apr 2 21:02:27 pfsense kernel: . Apr 2 21:02:27 pfsense kernel: .. Apr 2 21:02:27 pfsense php-fpm[396]: /rc.dyndns.update: phpDynDNS (grigri.cloud): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry. Apr 2 21:02:28 pfsense kernel: 0 addresses deleted. Apr 2 21:02:32 pfsense kernel: done. Apr 2 21:02:32 pfsense php-cgi: rc.bootup: Creating rrd update script Apr 2 21:02:32 pfsense kernel: done. Apr 2 21:02:33 pfsense root: /etc/rc.d/hostid: WARNING: hostid: unable to figure out a UUID from DMI data, generating a new one Apr 2 21:02:36 pfsense syslogd: exiting on signal 15 Apr 2 21:02:36 pfsense syslogd: kernel boot file is /boot/kernel/kernel Apr 2 21:02:36 pfsense kernel: done. Apr 2 21:02:37 pfsense php-fpm[395]: /rc.start_packages: Restarting/Starting all packages. Apr 2 21:02:37 pfsense php-fpm[395]: [pfBlockerNG] Starting cron process. Apr 2 21:02:38 pfsense check_reload_status: Syncing firewall Apr 2 21:02:38 pfsense check_reload_status: Reloading filter Apr 2 21:02:40 pfsense php-fpm[6848]: /status_logs.php: Successful login for user 'admin' from: 192.168.76.82 (Local Database Fallback) Apr 2 21:02:40 pfsense php-cgi: haproxy: starting old pid:none Apr 2 21:02:41 pfsense php-cgi: haproxy: started new pid:86070
I don't have any other router to try it. How can I do a deep debug? Could try to generate certs manually or something? I'm totally lost :S
Thanks for your help, anyway.
-
That all seems OK.
Last time something weird like this happened that wasn't due to globals.inc shenanigans the user had manually created their own disk layout with multiple disks and it botched the update somehow.
What does the
mount
command output? -
mount /dev/ufsid/56dcd2f0ead8d48f on / (ufs, local, journaled soft-updates) devfs on /dev (devfs, local) /dev/md0 on /tmp (ufs, local) /dev/md1 on /var (ufs, local) devfs on /var/dhcpd/dev (devfs, local)
-
Any test that could I do? or any deep doc about this at code? or code properly, I'm not php programmer but I could try to debug something with my setup if some one show me the right direction.
-
You could try disabling the RAM disks for /var and /tmp to see if that makes a difference (System > Advanced, Misc tab).
If it still fails identically, backup your config and reinstall, then restore the config. That would ensure your system is consistent.
If it still fails then it must be something in your config/environment like the parameters in your CA.
-
@jimp Ok, I tried disabling RAM disks but it didn't work.
I tested on a VM with 2.4.5 and restoring my configuration and I can create certificates so. I will try to update to dev branch and see if it works. If not I will have to reinstall 2.4.5.
Thanks!
-
Ok, going to 2.5.0 did not work.
-
I reinstalled 2.4.5 and finally it works :) Thanks @jimp .
I used this reinstall to use ZFS instead :) so cool.
-
The only problem with such a solution - is the actual root cause remains a mystery :(