Since Yeasterday!

hi, was using this configuration until yesterday, but can't connect it anymore and even not downloading the *.zip packages to reconfigure it again!
Error Logs:

# openvpn Netherlands.ovpn 
Sat Jan  1 17:30:11 2000 OpenVPN 2.2.1 arm-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Jun 23 2014
Enter Auth Username:p6435446
Enter Auth Password:
Sat Jan  1 17:30:26 2000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jan  1 17:30:26 2000 LZO compression initialized
Sat Jan  1 17:30:26 2000 RESOLVE: NOTE: nl.privateinternetaccess.com resolves to 13 addresses
Sat Jan  1 17:30:26 2000 UDPv4 link local: [undef]
Sat Jan  1 17:30:26 2000 UDPv4 link remote: 46.166.138.170:1198
Sat Jan  1 17:30:26 2000 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jan  1 17:30:26 2000 VERIFY ERROR: depth=1, error=certificate is not yet valid: /C=US/ST=CA/L=LosAngeles/O=Private_Internet_Access/OU=Private_Internet_Access/CN=Private_Internet_Access/name=Private_Internet_Access/emailAddress=secure@privateinternetaccess.com
Sat Jan  1 17:30:26 2000 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
Sat Jan  1 17:30:26 2000 TLS Error: TLS object -> incoming plaintext read error
Sat Jan  1 17:30:26 2000 TLS Error: TLS handshake failed
Sat Jan  1 17:30:26 2000 SIGUSR1[soft,tls-error] received, process restarting
Sat Jan  1 17:30:28 2000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jan  1 17:30:28 2000 Re-using SSL/TLS context
Sat Jan  1 17:30:28 2000 LZO compression initialized
Sat Jan  1 17:30:28 2000 RESOLVE: NOTE: nl.privateinternetaccess.com resolves to 13 addresses
Sat Jan  1 17:30:28 2000 UDPv4 link local: [undef]
Sat Jan  1 17:30:28 2000 UDPv4 link remote: 46.166.138.130:1198
Sat Jan  1 17:30:28 2000 VERIFY ERROR: depth=1, error=certificate is not yet valid: /C=US/ST=CA/L=LosAngeles/O=Private_Internet_Access/OU=Private_Internet_Access/CN=Private_Internet_Access/name=Private_Internet_Access/emailAddress=secure@privateinternetaccess.com
Sat Jan  1 17:30:28 2000 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
Sat Jan  1 17:30:28 2000 TLS Error: TLS object -> incoming plaintext read error
Sat Jan  1 17:30:28 2000 TLS Error: TLS handshake failed
Sat Jan  1 17:30:28 2000 SIGUSR1[soft,tls-error] received, process restarting
Sat Jan  1 17:30:30 2000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jan  1 17:30:30 2000 Re-using SSL/TLS context
Sat Jan  1 17:30:30 2000 LZO compression initialized
Sat Jan  1 17:30:30 2000 RESOLVE: NOTE: nl.privateinternetaccess.com resolves to 13 addresses



https://pastebin.com/raw/NufvgbRR
and if i try to redownload the packages

 
wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
--2000-01-01 18:34:57--  https://www.privateinternetaccess.com/openvpn/openvpn.zip
Resolving www.privateinternetaccess.com... 104.75.81.5
Connecting to www.privateinternetaccess.com|104.75.81.5|:443... connected.
ERROR: cannot verify www.privateinternetaccess.com's certificate, issued by 'CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US':
  Issued certificate not yet valid.
To connect to www.privateinternetaccess.com insecurely, use `--no-check-certificate'.


 
What did you changed in the?
 ca.rsa.2048.crt
crl.rsa.2048.pem 
Regards
Tagged:

Comments

  • edited September 22 Posts: 298
    is "Yeasterday" a day of celebratory bread-making?

    seriously, though, the logs indicate the effective date of the certificate is in the future relative to the date your system thinks it is. oops.
    Post edited by martouf on
  • Hi Mamphp,

    Sorry for the inconvenience. I was looking at your logs and I saw 

    "Sat Jan 1 17:30:26 2000"

    It looks like your time is incorrect and that's why it won't work. Please keep in mind that on certain router firmware versions (such as specific builds of DD-WRT for instance) the time just does not work at all until it completes its' first sync using NTP

    I hope this helps

    Regards

    Jayson Q.
    Head of Customer Support
  • Posts: 5
    Ohhhh... FIXED! Thanks again :smile:
Sign In or Register to comment.