Hello all,
Today I wanted to create a new certificate for a client in OpenVPN.
After saving I get the message
"OpenSSL has caused an error: 256 "
What do I have to do to create a certificate again.
Hallo @nightman
Welcome to the IPFire community.
Searching for Openssl error codes the number 256 comes up as related to an unsupported cipher.
What encryption cipher do you have selected on the IPFire server configuration page?
AES-CBC (256) encryption is selected for me.
Is this no longer supported. Which one would I have to select then.
As far as I am aware that is a strong cipher and should still be valid.
I just changed my cipher AES-GCM (256 bit) to yours and then created a new client and it all went through with no problem.
I think the error code must mean something different.
I also tried it with and without a password and both worked fine and having a difference in the password comes up with the error message passwords don’t match so it is also not that.
I will have to think further on what could be the cause for this.
Sorry for no solution at the moment.
Searching the forum I found this thread which had the same issue:-
https://community.ipfire.org/t/openvpn-client-creation-problem/2355
I think you need to delete the old connection name first if you want to use the same system host name in the certificate.
I just tried that, using a different connection name but an existing hostname and I got the error 256 message.
So to keep the same hostname you have to delete the existing connection first.
3 Likes
That was it. The hostname (have here the username genome) must exist only once.
Thanks for the quick help.
1 Like