
Connectivity issues in OpenVPN and "AEAD Decrypt error: cipher final failed"
Closed, Resolved, Public

Description

Today a company reported random connectivity issues through an OpenVPN server, together with these errors in the logs:

journalctl -fu openvpn@server
AEAD Decrypt error: cipher final failed

We fixed it by reading the whole server configuration and finding this part:

/etc/openvpn/server.conf
# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names.  This is recommended
# only for testing purposes.  For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn

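So, if you have multiple clients sharing the same certificate, you have to uncomment that line. Note that the sample configuration's own comment recommends this only for testing; for production use, each client should have its own certificate/key pair.

Remove the ; before duplicate-cn, then save and restart the OpenVPN server, and everything should work again.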
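To confirm that shared certificates are the cause, and to see which common names need individual certificates, the log can be triaged as follows. This is an added example, not part of the original task: it assumes the "MULTI: new connection by client ..." message that OpenVPN 2.x logs when a second client with the same common name connects, and the function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage for the "AEAD Decrypt error" symptom described above.
# Real usage (assumed unit name from this page):
#   journalctl -u openvpn@server | shared_cns

# Exit 0 if CONF contains an active (uncommented) duplicate-cn directive.
duplicate_cn_enabled() {
    grep -Eq '^[[:space:]]*duplicate-cn([[:space:]]|$)' "$1"
}

# Read log lines on stdin; print "count cn" for every common name whose new
# connection displaced an existing session (i.e. a certificate in shared use).
shared_cns() {
    sed -n "s/.*MULTI: new connection by client '\([^']*\)' will cause previous active sessions.*/\1/p" |
        sort | uniq -c | sed 's/^ *//'
}

# Read log lines on stdin; print how many AEAD decrypt failures were logged.
aead_errors() {
    grep -c 'AEAD Decrypt error: cipher final failed' || true
}

# Constructed sample log (not from the original report); prefix layout is assumed.
sample_log() {
cat <<'EOF'
203.0.113.10:40112 MULTI: new connection by client 'office' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
office/198.51.100.7:51820 AEAD Decrypt error: cipher final failed
198.51.100.7:51822 MULTI: new connection by client 'office' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
office/203.0.113.10:40112 AEAD Decrypt error: cipher final failed
alice/192.0.2.44:39001 peer info: IV_VER=2.4.7
EOF
}

# Stand-alone run: report shared common names in the constructed sample.
echo "shared common names (count cn):"
sample_log | shared_cns
echo "AEAD decrypt errors: $(sample_log | aead_errors)"
```

Each common name listed is a certificate in concurrent use by more than one client, so it is a candidate for reissuing as individual certificate/key pairs instead of relying on duplicate-cn.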

This task is published in the hope of reaching search engines and saving other people time.