Hi all,
I’m attempting to create an OVPN Connection but when I attempt to add the cert to the OVPN Interface I get an error spit out that it couldn’t read the key. I’m using RouterOS 5.6 on a RB751U-2HnD machine and I created the certs with openvpn in centos 6.
Below is what I’ve done - can anyone lend some assistance?
[admin@MikroTik] > /certificate import-file-name=server.crt
syntax error (line 1 column 30)
[admin@MikroTik] > /certificate import file-name=server.crt
passphrase:
certificates-imported: 1
private-keys-imported: 0
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
[admin@MikroTik] > /certificate import file-name=server.key
passphrase:
certificates-imported: 0
private-keys-imported: 0
files-imported: 0
decryption-failures: 0
keys-with-no-certificate: 0
[admin@MikroTik] > /ip pool add name=ovpn-pool ranges=172.21.0.10-172.21.0.20
[admin@MikroTik] > /ppp profile add local-address=172.21.0.1 name=ovpn remote-addre
[admin@MikroTik] > /ppp secret add name=davedave password=testingpass profile=ovpn
[admin@MikroTik] > /interface ovpn-server server set default-profile=ovpn enabled=y
could not load private key
[admin@MikroTik] > /interface ovpn-server server set default-profile=ovpn enabled=y
input does not match any value of certificate
[admin@MikroTik] > /interface ovpn-server server set default-profile=ovpn enabled=y
input does not match any value of certificate
[admin@MikroTik] > /certificate print
Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa
0 name="cert1" subject=C=CA,ST=ON,L=Toronto,O=TruInc,OU=IT,CN=davedave,name=dav
issuer=C=CA,ST=ON,L=Toronto,O=TruInc,OU=IT,CN=davedave,name=davedave,emailAdd
invalid-after=nov/29/2022 21:52:48 ca=yes
[admin@MikroTik] > /interface ovpn-server server set default-profile=ovpn enabled=y
could not load private key
[admin@MikroTik] > /certificate import file-name=server.crt.key.txt
passphrase:
input does not match any value of file-name
[admin@MikroTik] > ls
bad command name ls (line 1 column 1)
[admin@MikroTik] > dir
bad command name dir (line 1 column 1)
[admin@MikroTik] > system license print
software-id: CQF8-TUWW
upgradable-to: v7.x
nlevel: 4
features:
[admin@MikroTik] > system resource print
uptime: 1w3d3h30m29s
version: 5.6
free-memory: 14100KiB
total-memory: 29708KiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 400MHz
cpu-load: 3%
free-hdd-space: 31964KiB
total-hdd-space: 61440KiB
write-sect-since-reboot: 2907
write-sect-total: 6167
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB751U-2HnD
platform: MikroTik
[admin@MikroTik] > certificate print
Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa
0 name="cert1" subject=C=CA,ST=ON,L=Toronto,O=TruInc,OU=IT,CN=davedave,name=davedave,emailAddress=david.storie@truinc.ca
issuer=C=CA,ST=ON,L=Toronto,O=TruInc,OU=IT,CN=davedave,name=davedave,emailAddress=david.storie@truinc.ca serial-number="01" email=david.storie@truinc.ca invalid-before=dec/01/2012 21:52:48
invalid-after=nov/29/2022 21:52:48 ca=yes
[admin@MikroTik] >
[admin@MikroTik] > interface ovpn-server server set default-profile=ovpn enabled=yes mode=ethernet netmask=24 require-client-certificate=no certificate=cert1
could not load private key
[admin@MikroTik] >