Centos 7 no longer supports MD5,
Error msg:
OpenSSL: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed TLS_ERROR: BIO read tls_read_plaintext error TLS Error: TLS object -> incoming plaintext read error TLS Error: TLS handshake failed Fatal TLS error (check_tls_errors_co), restarting SIGUSR1[soft,tls-error] received, process restarting Restart pause, 5 second(s)
Solution:
#yum install openvpn #cd /etc/openvpn mv client.conf service.conf #systemctl enable [email protected]
Add this line to /usr/lib/systemd/system/openvpn@service
[Service] Environment="OPENSSL_ENABLE_MD5_VERIFY=1 NSS_HASH_ALG_SUPPORT=+MD5" #systemctl daemon-reload #systemctl restart [email protected]
