# openvpn start error:0906D06C

## JACEM

I'm trying to get openvpn started as a server in my network.  I've made keys with the following commands  

```
openssl req -new -newkey rsa:1024 -out certs/server.pem -nodes -keyout private/serverkey.pem
```

I am getting the following errors when I try to start the server

Apr  9 18:12:51 data1 openvpn[2377]: OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [eurephia] built on Apr  9 2013

Apr  9 18:12:51 data1 openvpn[2377]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.

Apr  9 18:12:51 data1 openvpn[2377]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Apr  9 18:12:51 data1 openvpn[2377]: Diffie-Hellman initialized with 1024 bit key

Apr  9 18:12:51 data1 openvpn[2377]: Cannot load certificate file /etc/openvpn/cacert/certs/server.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib

Apr  9 18:12:51 data1 openvpn[2377]: Exiting

Apr  9 18:12:51 data1 /etc/init.d/openvpn[2376]: start-stop-daemon: failed to start `/usr/sbin/openvpn'

Apr  9 18:12:51 data1 /etc/init.d/openvpn[2362]: ERROR: openvpn failed to start

I've recreated the keys multiple times and I've deleted the old ones and tried new names nothing helps

TIA 

jonathan

----------

## syn0ptik

There something wrong with openssl.

Co yould try to use openssl.cnf with that script

```
export KEY_CONFIG=/usr/local/share/openvpn/easy-rsa/openssl.cnf

export KEY_DIR=/usr/local/share/openvpn/easy-rsa/keyz

export KEY_SIZE=1024

export KEY_COUNTRY=XZ

export KEY_PROVINCE=XZ

export KEY_CITY=confiderative

export KEY_ORG="private"

export KEY_EMAIL="my@private.net"

```

----------

## JACEM

Easy-RSA is Blocked by OpenVPN so I Tried this with what I think are my correct Values.

```

export KEY_CONFIG=/etc/ssl/openssl.cnf 

export KEY_DIR= /etc/ssl

export KEY_SIZE=1024 

export KEY_COUNTRY=XZ 

export KEY_PROVINCE=XZ 

export KEY_CITY=confiderative 

export KEY_ORG="private" 

export KEY_EMAIL="my@private.net"

```

I'm still getting the same error

----------

