When a client connects to the OpenVPN setup our company built, the server logs SSL/TLS-related errors. The error messages are as follows:

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS: Initial packet from [AF_INET]218.109.201.2:53932, sid=412dcd80 f5ddfb47
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive.
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS_ERROR: BIO read tls_read_plaintext error
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS object -> incoming plaintext read error
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS handshake failed
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 SIGUSR1[soft,tls-error] received, client-instance restarting
Mon Feb 24 15:23:10 2020 218.109.201.2:53934 TLS: Initial packet from [AF_INET]218.109.201.2:53934, sid=6bd5599e afa06e6e
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive.
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS_ERROR: BIO read tls_read_plaintext error
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS Error: TLS object -> incoming plaintext read error
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS Error: TLS handshake failed
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 SIGUSR1[soft,tls-error] received, client-instance restarting

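I have used OpenVPN myself. Going by the surface error messages, your OpenVPN server and OpenVPN client may be running different versions, or the settings on the OpenVPN server side and the OpenVPN client side may differ, because the log below says the two sides cannot find a common cipher that both can use. Once security authentication has succeeded on both sides, the next step is to communicate using a common cipher (encryption method); the cipher is an encryption method that both sides share. The OpenVPN client gives the OpenVPN server a list of the different encryption methods it accepts, the OpenVPN server picks from that list one that it also has, and then notifies the client so that both use it in the final, actual communication.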

(1) "no shared cipher" <==> means there is no common encryption method that both sides can use
Mon Feb 24 15:22:09 2020 218.109.201.2:53932 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS_ERROR: BIO read tls_read_plaintext error

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS object -> incoming plaintext read error

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS handshake failed

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 SIGUSR1[soft,tls-error] received, client-instance restarting

Mon Feb 24 15:23:10 2020 218.109.201.2:53934 TLS: Initial packet from [AF_INET]218.109.201.2:53934, sid=6bd5599e afa06e6e

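(2) The line below says the server has no encryption method in common with the client, and that the user's setting for the allowed encryption methods may be too restrictive.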
Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive.

https://blog.csdn.net/opengl_es/article/details/44044099
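
The check suggested by the answer above, as an added example that is not part of the original thread: it reads the `tls-cipher` directive from a server and a client config and reports whether the two lists overlap. The function names, the sample configs and the hostname are constructed; it assumes both files use the same suite naming style and that the server picks its own first preference.

```python
import re

def tls_cipher_list(config_text):
    """Return the suites from a `tls-cipher` directive, or None if it is unset."""
    for raw in config_text.splitlines():
        # Drop OpenVPN comments, which start with '#' or ';'.
        fields = re.split(r"[#;]", raw, maxsplit=1)[0].split()
        if len(fields) >= 2 and fields[0] == "tls-cipher":
            return [s.upper() for s in fields[1].split(":") if s]
    return None

def diagnose(server_conf, client_conf):
    """Compare both sides' tls-cipher lists and report whether they overlap."""
    server = tls_cipher_list(server_conf)
    client = tls_cipher_list(client_conf)
    if server is None or client is None:
        # An unset side uses its TLS library defaults, which cannot be read here.
        return ("unknown", None)
    offered = set(client)
    # Assumption: the server picks its own first preference among the offers.
    for suite in server:
        if suite in offered:
            return ("ok", suite)
    return ("no shared cipher", None)

# Constructed sample configs (not taken from the thread).
SERVER_CONF = """
port 1194
proto udp
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
"""
CLIENT_CONF = """
client
remote vpn.example.com 1194
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA
"""
# Same client with the server's suite added to the front of its list.
FIXED_CLIENT_CONF = CLIENT_CONF.replace(
    "tls-cipher ", "tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:", 1)

if __name__ == "__main__":
    print(diagnose(SERVER_CONF, CLIENT_CONF))
    print(diagnose(SERVER_CONF, FIXED_CLIENT_CONF))
```

When a side has no `tls-cipher` line, running `openvpn --show-tls` on that machine lists the suites its build can actually use.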