否则会报错cannot read: crl.pem: Permission denied (errno=13)
官方解释是要可读的。
OpenVPN needs to have the crl.pem file in a world readable directory because OpenVPN executes as nobody:nogroup once launched, and it checks this file on each client connection. You do not wish to set /etc/openvpn/easy-rsa/keys/ world readable.
Build the Diffie-Hellman parameters for the server side
123 于 2010-06-26 21:45(14 年以前) 发表: 0 EL:0 AF:3/1 ]
Sat Jun 26 20:42:53 2010 Local Options hash (VER=V4): '41690919'
Sat Jun 26 20:42:53 2010 Expected Remote Options hash (VER=V4): '530fdded'
Sat Jun 26 20:42:53 2010 UDPv4 link local (bound): [undef]:1194
Sat Jun 26 20:42:53 2010 UDPv4 link remote: 61.164.41.148:1194
Sat Jun 26 20:43:53 2010 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Sat Jun 26 20:43:53 2010 TLS Error: TLS handshake failed
Sat Jun 26 20:43:53 2010 TCP/UDP: Closing socket
Sat Jun 26 20:43:53 2010 SIGUSR1[soft,tls-error] received, process restarting
Sat Jun 26 20:43:53 2010 Restart pause, 2 second(s)
Sat Jun 26 20:43:55 2010 IMPORTANT: OpenVPN's default port number is now 1194, b
ased on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earl
ier used 5000 as the default port.
Sat Jun 26 20:43:55 2010 Re-using SSL/TLS context
Sat Jun 26 20:43:55 2010 LZO compression initialized
Sat Jun 26 20:43:55 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:
0 EL:0 ]
Sat Jun 26 20:43:55 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:
0 EL:0 AF:3/1 ]
Sat Jun 26 20:43:55 2010 Local Options hash (VER=V4): '41690919'
Sat Jun 26 20:43:55 2010 Expected Remote Options hash (VER=V4): '530fdded'
Sat Jun 26 20:43:55 2010 UDPv4 link local (bound): [undef]:1194
Sat Jun 26 20:43:55 2010 UDPv4 link remote: 61.164.41.148:1194
一直出现这个问题,但是服务器上的 UDP 1194端口是开放的,不知道为何,请教