How to pass a password for a Public Key Infrastrutur ?



  • I have pfsense as OpenVPN Client.
    The other side is Zerina on Ipcop.
    It is a tun based connection
    But the connection on the Zerina site needs a password.
    How can i pass this in the pfsense settings ?

    Does this make sense ?

    openvpn[23758]: Exiting
    openvpn[23758]: Error: private key password verification failed
    openvpn[23758]: Cannot load private key file /var/etc/openvpn_client0.key: error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib



  • i suppose you want to use a shared key for a site to site connection and not in a PKI?
    or do you really use a PKI as you say in your thread-title?

    you need to fill in the key you use on your Ipcop in the field on the config-page.
    or if you use a PKI fill in the CA-certificat, your own certificat and the private key.



  • It is a PKI what i get from the IPCOP, but the pki does have a password
    When i use it on windows with the client from openvpn.se it is asking me for a password. (Client to Net)
    and on the setup on the IPCop i had to enter a Password even in PKI

    pfsense is setup as client and it took my CA, Client certificate and Client Key just fine.

    Pfsense is always coming up with this

    Aug 2 20:39:04 openvpn[43938]: Exiting
    Aug 2 20:39:04 openvpn[43938]: Error: private key password verification failed
    Aug 2 20:39:04 openvpn[43938]: Cannot load private key file /var/etc/openvpn_client0.key: error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
    Aug 2 20:39:04 openvpn[43938]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Aug 2 20:39:04 openvpn[43938]: OpenVPN 2.0.6 i386-portbld-freebsd6.1 [SSL] [LZO] built on Apr 6 2006

    I'm a noob on OpenVPN … :-)


Log in to reply