My client Openvpn setup on 2.0.x experience this evening…
While trying to apply my previous knowledge of openvpn of pfsense 1.2.3… and after reading many posts and other websites trouble shooting errors...
I was trying to apply my 1.2.3 methods of configuration files that included a CA.crt, client.key, and client.crt, (and maybe a tls-auth ta.key). So I generated these in the Cert Manager and User Manager. (but the server was expecting a different method all together from the client).
This wasn't happening... I had all kinds of mumbo jumbo errors... "TLS_ERROR: BIO read tls_read_plaintext error", "nsCertType ERROR", yaadda yaadda yaaada.
I decided to just use the darn wizard.
I DID find that its important to install the "Openvpn Client Export Utility" before you do ANYTHING from the package manager System > Packages. Because it seems to generate its configurations as you generate your CA, cert, and user certs. (just use the darn wizard like I did, save yourself some time. :))
The Client Export utility generates a .p12 and a tls.key instead, oh and also the openvpn-client.conf if you want it to. (I had no idea what the server was expecting, this helped a TON since I had no idea what the options were... heh).
Here is the client.conf that the export utility generated based on my settings:
remote some.ip.address 1194
tls-auth pfsense-udp-1194-tls.key 1
So here is my dump of info.
I'm goin to bed. Gnight!