password authentication vs ssl/tls client authentication?

Got a problem with Viscosity or need help? Ask here!

szabesz

Posts: 2
Joined: Sat Nov 15, 2008 2:17 am

Post by szabesz » Sat Nov 15, 2008 2:38 am
Hi,

I'm evaluating Viscosity and trying to set it up so that I can connect to our company's server.

My knowledge about networking is rather limited, so I'm struggling... My system admin told me that we use password authentication and not SSL/TLS client authentication. Although in the networks tab of Viscosity it is possible to enable "use username/password authentication", I cannot find a way to get rid of this: "Options error: Parameter tls_remote can only be specified in TLS-mode, i.e. where --tls-server or --tls-client is also specified."

No matter what I set in the Certificates panel, I get this or a similar error. I used the "Satic Key" type with a "secret.key" file, because the other two options are called SSL/TLS which we do not use.

But the error message suggests that Viscosity is trying to use TLS. How can I use password authentication only?

Or to simply put: what am I doing wrong?

Please help!
Szabesz

James

User avatar
Posts: 1876
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Sun Nov 16, 2008 12:32 am
Hi Szabesz,

If you edit your connection, and go to the Advanced tab, are their any TLS based commands there (namely tls-remote)? If you delete these, how do you go?

If you're able to, ask your system admin for a OpenVPN config file for Windows, and import this into Viscosity. It should hopefully work without modification.

Cheers
James
James Bekkema
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

szabesz

Posts: 2
Joined: Sat Nov 15, 2008 2:17 am

Post by szabesz » Mon Nov 17, 2008 7:04 am
Hi James,

Thanx for the reply. Yes, I had "tls-remote" in the advanced commands. I deleted it and "it got a bit better" :) The log had changed to: "Options error: You must define CA file (--ca) or PKCS#12 file (--pkcs12)". After this, in the Certificates tab I provided my ca.crt file.

Now the connection can get started, but right now I am at another place where I need to configure the routers so that I can connect... I will do it soon (maybe tomorrow), and hope that I will finally be able to connect.

Btw it was the Windows config file that I used in the first place.

Hope I can get back with good news :)
Best,
Szabesz
3 posts Page 1 of 1