Page 1 of 1

Verification Error

Posted: Fri Nov 07, 2008 9:54 pm
by steamrunner
Hi,

I'm just trying out Viscosity and am having the following problem. I've been using TunnelBlick (successfully) until now and let Viscosity import my TunnelBlick connection details, but on attempting to connect Viscosity fails with the following log details:

Fri Nov 7 10:47:38 2008: Error parsing PKCS#12 file pkcs.p12: error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure: error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
Fri Nov 7 10:47:38 2008: Error: private key password verification failed

If I switch back to TunnelBlick all is well still so I'm presuming my PKSC#12 sig file is OK...? I've tried removing and re-importing the config again (and telling Viscosity to remember the certificate file name) but no change.

Any ideas?!

Regards,

S.

Re: Verification Error

Posted: Mon Nov 10, 2008 12:17 am
by James
Hi steamrunner,

Is Viscosity prompting you for a password? If not, if you go Preferences->Edit Your Connection->Advanced, is there a "askpass [file]" command there? If so, try deleting it, click Save, and try connecting again.

You may like to try comparing the OpenVPN config file Viscosity is using to the one Tunnelblick is using and see if there are any important differences. You can find Viscosity's config file at:
Your Home Directory->Library->Application Support->Viscosity->OpenVPN->#->config.conf

You can find Tunnelblick's OpenVPN config file at:
Your Home Directory->Library->openvpn

If you're not sure what to look for, feel free to send your config file to [email protected] (you may like to censor out any sensitive addresses) and I'll take a look.

Cheers
James

Re: Verification Error

Posted: Mon Nov 10, 2008 4:21 am
by steamrunner
Hi James, thanks for the reply.

No, I'm not being asked for a password, and that config line isn't there in the "advanced" tab of my config.

Here's my Viscosity and OpenVPN config files (IP addresses and other essentials obscured, so I don't think it's a problem posting them here). There's a few differences, but I'm not sure what each might mean:

#OpenVPN Server conf
tls-client
client
dev tun
proto udp
tun-mtu 1500
remote <IP.AD.DR.ES> 1194
pkcs12 MyName.p12
cipher BF-CBC
comp-lzo
verb 3
ns-cert-type server



#-- Config Auto Generated By Viscosity --#

#viscosity startonopen false
#viscosity dnssupport false
#viscosity name MyConnection
pull
comp-lzo
remote <IP.AD.DR.ES> 1194
tls-auth ta.key
proto udp
dev tun
tls-client
pkcs12 pkcs.p12
tun-mtu 1500
cipher BF-CBC
ns-cert-type server


Regards,

S.

Re: Verification Error

Posted: Mon Nov 10, 2008 2:21 pm
by James
Try Editing your connection in Viscosity, go to the Certificates tab, and click the "Clear" button next to the Tls-Auth field. Click Save and try reconnecting.

Cheers
James

Re: Verification Error

Posted: Tue Nov 11, 2008 5:01 am
by steamrunner
Nope, no change, sorry James...

S.

Re: Verification Error

Posted: Wed Nov 12, 2008 5:00 pm
by James
Well importing your connection manually should do the trick:

1. Go to Your Home Folder->Library->Application Support->Viscosity->OpenVPN
2. Create a new folder with it's name being a number (e.g. "1", or if 1 is taken, "2", etc)
3. Copy your config file (from Your Home Folder->Library->openvpn) into the new folder, along with any other needed certificate files, etc
4. Rename your copied config file to "config.conf"
5. Reopen Viscosity

Cheers
James