I have Debian 8 server with OpenVPN 2.4.7.
After the server rebooting all Clients still have a successful VPN connection, but without internet.
Firstly, I tried to check the status of the VPN service: service openvpn status and I received particularly active status:
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset: enabled) Active: active (exited) since Mon 2021-08-16 08:41:18 EDT; 1h 4min ago Process: 9361 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 9361 (code=exited, status=0/SUCCESS)сер 16 08:41:18 buildserver systemd[1]: Starting OpenVPN service...сер 16 08:41:18 buildserver systemd[1]: Started OpenVPN service.I thought that the original status should be Active: active (running). So I watched log on the server: grep vpn /var/log/syslog and saw just 5 lines, each 5 seconds:
Aug 16 09:49:00 buildserver systemd[1]: openvpn@base.service: Scheduled restart job, restart counter is at 2286.Aug 16 09:49:00 buildserver ovpn-base[12458]: Options error: You must define CA file (--ca) or CA path (--capath)Aug 16 09:49:00 buildserver ovpn-base[12458]: Use --help for more information.Aug 16 09:49:00 buildserver systemd[1]: openvpn@base.service: Main process exited, code=exited, status=1/FAILUREAug 16 09:49:00 buildserver systemd[1]: openvpn@base.service: Failed with result 'exit-code'.As I understood, I should define CA file But I see it available in the /etc/openvpn directory. Also in the server.config file I see all records:
ca /etc/openvpn/ca.crtcert /etc/openvpn/server.crtkey /etc/openvpn/server.key # This file should be kept secretThe second reason for this error may be caused by crl.pem file, but I do not know. I can provide additional information but now I do not know what data will be useful for helping.