Question

Job for openvpn@server.service failed because the control process exited with error code

Apr 30 07:02:09 centos-512mb-sgp2.db-01 systemd[1]: Starting OpenVPN Robust And Highly Flexible T… Apr 30 07:02:09 centos-512mb-sgp2.db-01 openvpn[10300]: Sun Apr 30 07:02:09 2017 WARNING: cannot s…2) Apr 30 07:02:09 centos-512mb-sgp2.db-01 openvpn[10300]: Options error: --tls-auth fails with 'ta.k…ry Apr 30 07:02:09 centos-512mb-sgp2.db-01 openvpn[10300]: Options error: Please correct these errors. Apr 30 07:02:09 centos-512mb-sgp2.db-01 openvpn[10300]: Use --help for more information. Apr 30 07:02:09 centos-512mb-sgp2.db-01 systemd[1]: openvpn@server.service: main process exited, …URE Apr 30 07:02:09 centos-512mb-sgp2.db-01 systemd[1]: Failed to start OpenVPN Robust And Highly Fle…er. Apr 30 07:02:09 centos-512mb-sgp2.db-01 systemd[1]: Unit openvpn@server.service entered failed state. Apr 30 07:02:09 centos-512mb-sgp2.db-01 systemd[1]: openvpn@server.service failed. Hint: Some lines were ellipsized, use -l to show in full.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

@christiangelosulit Can you run the command again with -l as parameter to show full lines (like it says in the bottom).

This is a very faulty tutorial - there is absolutely NO REFERENCE to generating or inserting a ta.key in the tutorial. I don’t know how digital ocean vets the crowd-sourced tutorials but there are many of them that are not accurate.

Trying to make heads or tails of shadynagi’s advice also doesn’t work.

I generated a secret ta.key in the /etc/openvpn directory and still errors. Are there supposed to be references in the server.conf to BOTH a server.key and ta.key or just or the other.

C’mon digital ocean, step in and clear this up please.

Thank you.

#openvpn --genkey --secret ta.key

and make this file like this /etc/openvpn/ta.key