Jump to content
TorGuard

🔥 HowTo - OpenWRT with any TorGuard's Wireguard IP

Rate this topic


19807409
 Share

Recommended Posts

2 minutes ago, 19807409 said:

This post made my day today 💥💥💥  🤣

Yes, thats a screenshot and they are clickable in the original post. You have to be logged in for ability to download it, you should see it like in a screenshot which you tried to click in hope to be download links :)

IM logged yes, and here what it is when I click on the original post

 

Capture d’écran_2021-01-24_15-02-45.png

Link to comment
Share on other sites

4 minutes ago, James8078 said:

IM logged yes, and here what it is when I click on the original post

 

Capture d’écran_2021-01-24_15-02-45.png

I sent it over email, gpg encrypted, check your email

Link to comment
Share on other sites

6 minutes ago, James8078 said:

IM logged yes, and here what it is when I click on the original post

 

Capture d’écran_2021-01-24_15-02-45.png

@Support by definition, :) I would claim my attachment got silent banned as I clearly downloaded it and can see it, would be good if that is clarified, I would not attach a file if I could post that script as codebox which does not work due to forum claiming it has something invalid like u na m e command which if written immediately block/bans the post

Link to comment
Share on other sites

8 minutes ago, James8078 said:

btw. no email received.

you sent to : nixxxxxxr78 @ g ma il ?

Check in about 10-30 minutes again if you do not see it, I replied to your email, must be right.

Link to comment
Share on other sites

12 hours ago, 19807409 said:

I already explained it in several posts. I do not know what and why you build and with which settings, for that help you should go to openwrt, once again, I suggest and suggested you to use snapshot images and not to compile. You probably added luci modified, but again, this would be fully offtopic here to talk/explain about how to build openwrt images, especially as it is done daily and found under snapshots as well as those online are upgradeable and your compiled is not compatible to them.

 

I posted you links to sysupgrade but your questions tell me that you did not read it which you should do. Sysupgrade documentation explains you all what I write and wrote in details and by that I feel it is a waste of time to explain what is written there if one can read it up.

Read and run this script (upgradefw-wrt3200acm.zip in the attachment) and inspect it and how it works and what it does. It will flash your router.

Before you run it, add tginstall, opkg backup script and other things which you might need to /etc/sysupgrade.conf

# if this script IS NOT available after reboot, then delete comment sign, if it is available, leave it as it is or delete
# /etc/profile.d/opkg.sh
# torguard and tgapi
/etc/torguard/
/etc/config/torguard
/etc/init.d/tgapi
/usr/bin/tgapitest
/usr/bin/tginit
/usr/bin/tgsetup
/usr/bin/tginit-uci-basic
/usr/bin/tguninstall
/usr/bin/tgfunctions
/usr/bin/tginstall
/usr/bin/tgupgrade
# root folder
/root/

save upgradefw on your router, lets say as /root/bin/upgradefw. It will create restore script in /root/bin/restore (that is why I included /root in sysupgrade.conf)

/root/bin/upgradefw

and make it executable with

chmod +x /root/bin/upgradefw

Thats it, now you can upgrade only firmware and then manually restore. In my example, I run those commands from my notebook, this is just a scratch, as example, you can add a check for when your device gets up so that waiting 240 seconds can be skipped and done automatically:

#!/bin/sh
LOG="upgradefw.log"
ROUTERIP="IPOFYOURROUTER"
ssh [email protected]${ROUTERIP} "/root/bin/upgradefw" | tee ${LOG};
echo "Wait 240 seconds until router reboots" && sleep 240 &&
ssh [email protected]${ROUTERIP} "/root/bin/restore" | tee -a ${LOG}
echo "firmware upgrade finished"

 

There are also other ways of how one can keep automated upgrade but I will get not deeper into it in this thread as it is fully offtopic here, we already slide too much away from wireguard on openwrt away. If you go and read sysupgrade documentation you will know much more about it and different options.

PS: I tested and did run the script on archer-c5v1, it should work with any openwrt, just edit the script var in the header of upgradefw. I do not have wrt3200acm and can not test it.

upgradefw-wrt3200acm.zipUnavailable upgrade-and-restore.log-archer-c5v1-snapshot.zipUnavailable

.....

 

[email protected]:~# chmod +x /root/bin/upgradefw
chmod: /root/bin/upgradefw: No such file or directory

 

and yet...... :

 

ow.png

Link to comment
Share on other sites

32 minutes ago, James8078 said:

.....

 

[email protected]:~# chmod +x /root/bin/upgradefw
chmod: /root/bin/upgradefw: No such file or directory

 

and yet...... :

 

ow.png

 

Well, pay a little bit attention in reading, will spare you time asking obvious things. Your screenshot shows that you copied it to:

/bin

 

instead, not sure why you again did not follow instructions/guide, as you should copy it to:

/root/bin

 

The reason why chmod gives the error is correct, there is no file. If you do not have bin folder in /root folder, then create it:

mkdir /root/bin

 

You could run it from /bin folder too if you want, but according to my post above, change in sysupgrade.conf's entry /root/ to /bin/upgradefw and run chmod +x /bin/upgradefw

/root folder is simply home folder of root user.

  • Thanks 1
Link to comment
Share on other sites

one additional note about if you use different locations etc.., if as example you for some reason want to use /bin/upgradefw, then you need to edit this part:

 create restore script if it does not exist in /root/bin folder which is backed up
if [ ! -f /root/bin/restore ]; then
cat <<"EOF_restore" | tee /root/bin/restore
#!/bin/sh
echo "Load /etc/profile.d/opkg.sh"
. /etc/profile.d/opkg.sh
opkg update
opkg_restore
EOF_restore
chmod +x /root/bin/restore 
fi

 

to:

 create restore script if it does not exist in /root/bin folder which is backed up
if [ ! -f /bin/restore ]; then
cat <<"EOF_restore" | tee /bin/restore
#!/bin/sh
echo "Load /etc/profile.d/opkg.sh"
. /etc/profile.d/opkg.sh
opkg update
opkg_restore
EOF_restore
chmod +x /bin/restore 
fi

 

just make sure you changed all /root/bin occurencies to /bin in script if you want to enforce other location than one which I wrote for the example script

Link to comment
Share on other sites

good, I did it, it seems everyhting works great and a log has been created in /root,  : upgradefw.log but it is empty ...

 

Btw, wireguard was up after reboot.

 

Link to comment
Share on other sites

10 hours ago, James8078 said:

good, I did it, it seems everyhting works great and a log has been created in /root,  : upgradefw.log but it is empty ...

it means you did run it from the device, in my example I run those commands over ssh on my pc, where upgradefw.log is then on my notebook (not in root. The script has this commented, if you use it in any other way, then adapt settings, here is header comment from script:

# How to use/upgrade from another pc:
#   ssh [email protected] "/root/bin/upgradefw" | tee upgradefw.log;
#   echo "Wait 240 seconds until router reboots"; sleep 240;
#   ssh [email protected] "/root/bin/restore" | tee -a upgradefw.log

 

10 hours ago, James8078 said:

Btw, wireguard was up after reboot.

This means that flash and restore worked, congrats.

Link to comment
Share on other sites

2 hours ago, James8078 said:

when I upgrade build,  after rebooting


tgapi

is disabled in startup initscript..

normal?

 

yes. Yesterday I explained it in separate post, read please once again:

#!/bin/sh
LOG="upgradefw.log"
ROUTERIP="IPOFYOURROUTER"
ssh [email protected]${ROUTERIP} "/root/bin/upgradefw" | tee ${LOG};
echo "Wait 240 seconds until router reboots" && sleep 240 &&
ssh [email protected]${ROUTERIP} "/root/bin/restore" | tee -a ${LOG}
echo "Run Torguard api on router to make sure that settings are valid"
ssh [email protected]${ROUTERIP} "/etc/init.d/tgapi enable;/etc/init.d/tgapi restart" | tee -a ${LOG}
echo "firmware upgrade finished"

echo "Reboot your router"
ssh [email protected]${ROUTERIP} "reboot -f" | tee -a ${LOG}

 

Link to comment
Share on other sites

@19807409

EDIT : on my other router, still working ) script +tginstall

hi,

have there been any changes in your script? I installed the script on a another router and in log, it is pretty weird, look the public key , it is a non sense, I restart from scratch 3x.. everytime the same result. Im gonna reset the router and restart to be sure.

Make init script executable: /etc/init.d/tgapi
Public key: 1611719983390
Peer server: 500
IP Addresses: Internal Server Error
Allowd IPs: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1
DNS1: /api/v1/setup}
DNS2: 
Endpoint host: 
Endpoint Port: 
Expiration date epoch: 
create new wireguard interface with torguards server: 173.244.200.119:1443
add new network interface (torguard wireguard interface)
cfg066d96
rename new interface to: wg0
set new interface's proto: wireguard
set new interface's private key: 2LJIwm4njMnbZ+FMO7PzXXXXXXXXXXXXXXXXXXXXElA7CMKeaGg=
set new interface's listen port: 51820
set new interface's addresses: Internal Server Error
set new interface's MTU (default 1420): 1420
set new interface's fwmark (default 0xFE): 0xfe
use of builtin IPv6-management (disabled by default, 0): 0
set new interface's nohostrouter (disabled by default, 0): 0
add wireguard peer wg0
cfg0796fc
add wireguard peer wg0 description: wg0 (TorGuard)
add wireguard peer wg0 public key: 1611719983390
add wireguard peer wg0 allowed ip's: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1
add wireguard peer wg0 Endpoint host: 
add wireguard peer wg0 Endpoint port: 
add wireguard peer wg0 Keepalive: 25
add wireguard peer wg0 Route allowed ip's: 1
commit network ...
Add created wireguard interface to lan zone (this will overwrite any other [email protected][0].network setting, please recheck if using non default settings)
'radio1' is disabled
TGINIT - RESULTS

Show Network inteface: wg0
network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.private_key='2LJIwm4njMnbZ+FMO7PXXXXXXXXXX7CMKeaGg='
network.wg0.listen_port='51820'
network.wg0.addresses='Internal Server Error'
network.wg0.mtu='1420'
network.wg0.fwmark='0xfe'
network.wg0.delegate='0'
network.wg0.nohostroute='0'
network.cfg0796fc=wireguard_wg0
network.cfg0796fc.description='wg0 (TorGuard)'
network.cfg0796fc.public_key='1611719983390'
network.cfg0796fc.allowed_ips='Can not add peer with public key '\''zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg='\'' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1'
network.cfg0796fc.persistent_keepalive='25'
network.cfg0796fc.route_allowed_ips='1'
wait 10 seconds before checking for current IP...
IP ADDRESS - 		24XXXXXX.3
Torguard wireguard initialization finished, please reboot to complete
install speedperf: no
apifix:         enabled
apifixtimeout:  1d
Enable apifixtimeout service: yes
tgapi status: running
tginstall script finished
### â„¹ï¸ How to FAQ - Torguard wireguard server ###
How to show your configs
- Show full torguard config:      uci show torguard
- Show only default server:       uci show [email protected]_tg0[0]

How to set your configs
- Set/edit/change server:             uci set [email protected]_tg0[0].endpoint_host='173.244.200.119'
- Set/edit/change description:        uci set [email protected]_tg0[0].description='wg0 (TorGuard)'
- Set/edit/change allowed ips:        uci set [email protected]_tg0[0].allowed_ips='0.0.0.0/0'
- Set/edit/change endpoint port:      uci set [email protected]_tg0[0].endpoint_port='1443'
- Set/edit/change keepalive:          uci set [email protected]_tg0[0].persistent_keepalive='25'
- Set/edit/change route allowed ip's: uci set [email protected]

 

Link to comment
Share on other sites

2 hours ago, James8078 said:

@19807409

EDIT : on my other router, still working ) script +tginstall

hi,

have there been any changes in your script? I installed the script on a another router and in log, it is pretty weird, look the public key , it is a non sense, I restart from scratch 3x.. everytime the same result. Im gonna reset the router and restart to be sure.

Make init script executable: /etc/init.d/tgapi
Public key: 1611719983390
Peer server: 500
IP Addresses: Internal Server Error
Allowd IPs: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1
DNS1: /api/v1/setup}
DNS2: 
Endpoint host: 
Endpoint Port: 
Expiration date epoch: 
create new wireguard interface with torguards server: 173.244.200.119:1443
add new network interface (torguard wireguard interface)
cfg066d96
rename new interface to: wg0
set new interface's proto: wireguard
set new interface's private key: 2LJIwm4njMnbZ+FMO7PzXXXXXXXXXXXXXXXXXXXXElA7CMKeaGg=
set new interface's listen port: 51820
set new interface's addresses: Internal Server Error
set new interface's MTU (default 1420): 1420
set new interface's fwmark (default 0xFE): 0xfe
use of builtin IPv6-management (disabled by default, 0): 0
set new interface's nohostrouter (disabled by default, 0): 0
add wireguard peer wg0
cfg0796fc
add wireguard peer wg0 description: wg0 (TorGuard)
add wireguard peer wg0 public key: 1611719983390
add wireguard peer wg0 allowed ip's: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1
add wireguard peer wg0 Endpoint host: 
add wireguard peer wg0 Endpoint port: 
add wireguard peer wg0 Keepalive: 25
add wireguard peer wg0 Route allowed ip's: 1
commit network ...
Add created wireguard interface to lan zone (this will overwrite any other [email protected][0].network setting, please recheck if using non default settings)
'radio1' is disabled
TGINIT - RESULTS

Show Network inteface: wg0
network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.private_key='2LJIwm4njMnbZ+FMO7PXXXXXXXXXX7CMKeaGg='
network.wg0.listen_port='51820'
network.wg0.addresses='Internal Server Error'
network.wg0.mtu='1420'
network.wg0.fwmark='0xfe'
network.wg0.delegate='0'
network.wg0.nohostroute='0'
network.cfg0796fc=wireguard_wg0
network.cfg0796fc.description='wg0 (TorGuard)'
network.cfg0796fc.public_key='1611719983390'
network.cfg0796fc.allowed_ips='Can not add peer with public key '\''zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg='\'' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1'
network.cfg0796fc.persistent_keepalive='25'
network.cfg0796fc.route_allowed_ips='1'
wait 10 seconds before checking for current IP...
IP ADDRESS - 		24XXXXXX.3
Torguard wireguard initialization finished, please reboot to complete
install speedperf: no
apifix:         enabled
apifixtimeout:  1d
Enable apifixtimeout service: yes
tgapi status: running
tginstall script finished
### â„¹ï¸ How to FAQ - Torguard wireguard server ###
How to show your configs
- Show full torguard config:      uci show torguard
- Show only default server:       uci show [email protected]_tg0[0]

How to set your configs
- Set/edit/change server:             uci set [email protected]_tg0[0].endpoint_host='173.244.200.119'
- Set/edit/change description:        uci set [email protected]_tg0[0].description='wg0 (TorGuard)'
- Set/edit/change allowed ips:        uci set [email protected]_tg0[0].allowed_ips='0.0.0.0/0'
- Set/edit/change endpoint port:      uci set [email protected]_tg0[0].endpoint_port='1443'
- Set/edit/change keepalive:          uci set [email protected]_tg0[0].persistent_keepalive='25'
- Set/edit/change route allowed ip's: uci set [email protected]

 

your log clearly tells me that your router is not online, you have again no internet connection and you need to have working internet connection for scripts to work.

Link to comment
Share on other sites

or, if you are online, then your public key (has special signs: zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=), encode it here: https://convertstring.com/EncodeDecode/UrlEncode

then save the result and rerun tginstall

# set your public key
uci set [email protected]_tg0[0].wgapipubkey="YOURURLENCODEDPUBLICKEY"
uci commit torguard

# run tginstall
tginstall

 

Link to comment
Share on other sites

5 minutes ago, 19807409 said:

your log clearly tells me that your router is not online, you have again no internet connection and you need to have working internet connection for scripts to work.

I will test later, but I always check if im online... so I'll let you know

Link to comment
Share on other sites

Just now, James8078 said:

I will test later, but I always check if im online... so I'll let you know

Probably its your public key, check my previous post

Link to comment
Share on other sites

  • 4 weeks later...

@19807409

hi,

these days I have some problems with the script, it woeked very well but dont know why, now I can run it 10x and nothing happens, sometimes, the interface is created sometimes not, sometimes the interface is just complete at 50%

 

and I can run the script 3-4 times and there is no wireguard interface created..  (and yes Im online 😉 )

 

thanks

 

(and it works, but I have to run it many times....)

 

e number: 0 do not create host routes to peers: 0 UDP port for out-/incoming packets: 51820 Maximum Transmission Unit of tunnel: 1420 32-bit mark for outgoing packets: 0xFE Seconds between keep alive messages: 25 Use builtin IPv6-management: 0 Route allowed IPs: 1 TorGuard firewall zone: 1 TorGuard wireguard private key: API Fix /usr/bin/tgapitest API Fix timeout 1d Sevice file path /etc/init.d/tgapi TorGuard Server List: 173.244.200.119:1443 ---
uci: Entry not found
create new private and public keys...
genwgkey... generating private key ... OK: WGR1XXXXXXXXXXXXXXXXXXXXXXXXXXXXvlF0=
createwgpubkey... generating public key ... OK: weo6fqT8EIzHm5qtHhrdmb66u/FtGKVPCA0oWcHjcXQ=
set vars for server for ip: 173.244.200.119:1443 ...
PORT: 51820
FWMARK: fe
Wireguard interface number: 0
Description: wg0 (TorGuard)
Firewall zone: wan wan6
Endpoint host: 173.244.200.119
Endpoint port: 1443
delete wireguard interface with same name... (173.244.200.119:1443)
delete existing default peer 0 and commit changes...
uci: Entry not found
delete existing wireguard interface and commit changes...
uci: Entry not found
restart network...
'radio2' is disabled
curl: (6) Couldn't resolve host 'updates.torguard.biz'
create new private and public keys...
genwgkey... generating private key ... OK: 2LzjAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXY=
createwgpubkey... generating public key ... OK: T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8=
USED PUBLIC AND API KEYS:
Private: 2LzjAlv0QpXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkY=
Public:  T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8=
API Public key:T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8=
API: https://NXXXXXX:[email protected]:1443/api/v1/setup?public-key=T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8=
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:01:26 --:--:--   

 

Link to comment
Share on other sites

  • 2 weeks later...

@James8078

sorry for late reply and thanks for reporting. I am quite busy with life and work and could not find time to check this forum, hope you are well.

If your issue is already resolved, then ignore following:

as far as I can see, curl tries to resolve updates.torguard.biz and you get a reply that updates.torguard.biz can not be resolved as well as few uci not found commands. On my routers it still works and have no issues at, check if you changed something on your router which might have caused this. Would be good if you could create an issue on github as it makes it easier to track and fix existing issues for me.

  • Thanks 1
Link to comment
Share on other sites

  • 9 months later...

hi,

 

I try to do

tgupgrade

in the shell but problem with certificate, dont know why....?

 

thanks

 

wget: OK - found: - /usr/bin/wget
Found bin: /usr/bin/tgfunctions ... upgrading
Downloading 'https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tgfunctions'
Connecting to 185.xx.xx.133:443
Connection error: Invalid SSL certificate
Found bin: /usr/bin/tginit ... upgrading
Downloading 'https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit'
Connecting to 185.xx.xx.133:443
Connection error: Invalid SSL certificate
Found bin: /usr/bin/tginit-uci-basic ... upgrading
Downloading 'https://raw.githubusercontent.com/TorGuard/openwrt-scripts/master/usr/bin/tginit-uci-basic'
Connecting to 185.xx.xx.133:443
Connection error: Invalid SSL certificate

 

Link to comment
Share on other sites

3 hours ago, James8078 said:

in the shell but problem with certificate, dont know why....?

Hello James, seems you have on your router wger-nossl installed.

Which router model is it as well which openwrt version do you use?

Can you check which wget version is on your router installed?

You can resolve it by installing either curl (recommended)

opkg update
opkg install curl

or wget-ssl

opkg update
opkg install wget-ssl

Let me know if it worked for you.

Link to comment
Share on other sites

Currently (at least for me), wireguard gets invalidated after 24 hours. This seems to be some bug on TorGuard side as some users report that their connection does not expire, in a separate thread I raised discussion about it.

For those who experience invalidation, you should set lets say 11 hours timeout fix (every 11 hours it validates the config for next 24 hours).

In general it is not bad to actually keep timeout fix enabled and set to some time under 24 hours.

Link to comment
Share on other sites

On 12/5/2021 at 6:37 PM, 19807409 said:

Hello James, seems you have on your router wger-nossl installed.

Which router model is it as well which openwrt version do you use?

Can you check which wget version is on your router installed?

You can resolve it by installing either curl (recommended)

opkg update
opkg install curl

or wget-ssl

opkg update
opkg install wget-ssl

Let me know if it worked for you.

Ive installed curl and wget, dont know why it were not already there but still have errors;

 

----END CERTIFICATE-----
curl: OK - found: - /usr/bin/curl
Found bin: /usr/bin/tgfunctions ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tginit ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tginit-uci-basic ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tginstall ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tguninstall ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tgsetup ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/tgupgrade ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
Found bin: /usr/bin/speedperf ... upgrading
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (77) error setting certificate verify locations: CAfile: /etc/torguard/ca.crt CApath: none
[email protected]:~# 

 

Link to comment
Share on other sites

Hello,

 

can you check if certificate is available:

cat /etc/torguard/ca.crt

 

If it is not available, just paste this to create it:

cat <<"EOF" | tee /etc/torguard/ca.crt
-----BEGIN CERTIFICATE-----
MIIEujCCAqKgAwIBAgIRAOLkx9DgmetClFsZ11C9TDIwDQYJKoZIhvcNAQENBQAw
PTERMA8GA1UECgwIVG9yR3VhcmQxKDAmBgNVBAMMH1Rvckd1YXJkIFByaXZhdGUg
Um9vdCBDQSAxIDIwMjAwHhcNMjAwODA1MTk1MjUzWhcNMjQwODA0MTk1MjUzWjA0
MREwDwYDVQQKDAhUb3JHdWFyZDEfMB0GA1UEAwwWVG9yR3VhcmQgVlBOIFNlcnZl
ciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcu3+XcrvJIzhxw
GOnkbn1hA4gjpe9qp0HU2gkaciUG7MyBgulfGAJh2ZhRUtVN2r6ZSdGP/nXTcYmj
6dQLo1ohruTkbgbbwRAynFJQQaFidO6eD1o7snFNMaBwiNNLjK7jlMgjHAPpmMcl
+0adW0xPRalTWlI07Fwl7VO8D7yJtmS1v1Ip8SjutnEw8ynrZIJeldqJTgGrqevk
FWy7f1MhXlnNmNG7edp18hE6fKrRVSN8QmcZ9KgcSsZ9i4MwSeiXV1feGPNfFQxA
DwA652r0TsRNjPUd1bDEad1f8Mb8X5QvSXrCkNn8n1DJK9zOqKaLhztt1ICr9WHQ
QQPXRIkCAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCAsQwEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUXEcNR/LSidNqZyw5qrXZnWxZsXIwdQYDVR0jBG4wbIAU
r7BhTzn5fCHgXDiUT2Yl86Fm372hQaQ/MD0xETAPBgNVBAoMCFRvckd1YXJkMSgw
JgYDVQQDDB9Ub3JHdWFyZCBQcml2YXRlIFJvb3QgQ0EgMSAyMDIwghEA4uTH0OCZ
60KUWxnXUL1MMDANBgkqhkiG9w0BAQ0FAAOCAgEAFL9QVr1qWVrtctoiq/fI865y
4hb7T5rhWiCGeGh0qqkXX3hOtY0jPD4afjAwbP5rDkxujs08ZRm2RbwfjSBSkFgS
7rFYB88wcmJqVbAzy0vKtMougY/hxZZGqXcL0pAQJuJQVIQlLo1siiVfWk4jb9ue
X/o4zjXnoqGgiziQ/pXd9sgSnWZ9u8obszbNu15Nb/9HYie9ZezB+1VYNkIiCazk
E7zeahcfX/Epje5VX7Am7romcjXpX3zwozD5kEASo7YC0FZsJx1KH5/R4vpSwSB6
QwditKGqS7giA5191lmpeHCxxLH0w4KOAlbnkpHUWWhovDqxxupi4RoxALSTD/c5
ueEck+zjDFLHM11/A7c29UczyOBaVXNmsf969jRgKodTY/gejIW8WH6OnjYpYZhn
5h70Jr0xt8rppo7BqX9UUJbIKIfqHRTBuy9MHIamkYks1SY85TyrfSsSQOSg6AlS
aM92o+jm3qoVza75Ksa8Wel3pgs6FUfAp8aPRaQ+ysYV2Qlp6Byd702VuzdIfc/1
BlMk6TYfMFiaESBensO5GTa6p8ZEXOOsN3OSRc51iZ5OEMRp1w6364JnYNK9vmdA
OJdOz5njXFgb1BetQVuMY06pT861ByCQ0tl5XZycQf2ifFoAlZSwWkP5DFV5Ozq2
dI1mOMT8mRwIDfOfBJc=
-----END CERTIFICATE-----
EOF

 

Link to comment
Share on other sites

3 hours ago, 19807409 said:

Hello,

 

can you check if certificate is available:

cat /etc/torguard/ca.crt

 

If it is not available, just paste this to create it:

cat <<"EOF" | tee /etc/torguard/ca.crt
-----BEGIN CERTIFICATE-----
MIIEujCCAqKgAwIBAgIRAOLkx9DgmetClFsZ11C9TDIwDQYJKoZIhvcNAQENBQAw
PTERMA8GA1UECgwIVG9yR3VhcmQxKDAmBgNVBAMMH1Rvckd1YXJkIFByaXZhdGUg
Um9vdCBDQSAxIDIwMjAwHhcNMjAwODA1MTk1MjUzWhcNMjQwODA0MTk1MjUzWjA0
MREwDwYDVQQKDAhUb3JHdWFyZDEfMB0GA1UEAwwWVG9yR3VhcmQgVlBOIFNlcnZl
ciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcu3+XcrvJIzhxw
GOnkbn1hA4gjpe9qp0HU2gkaciUG7MyBgulfGAJh2ZhRUtVN2r6ZSdGP/nXTcYmj
6dQLo1ohruTkbgbbwRAynFJQQaFidO6eD1o7snFNMaBwiNNLjK7jlMgjHAPpmMcl
+0adW0xPRalTWlI07Fwl7VO8D7yJtmS1v1Ip8SjutnEw8ynrZIJeldqJTgGrqevk
FWy7f1MhXlnNmNG7edp18hE6fKrRVSN8QmcZ9KgcSsZ9i4MwSeiXV1feGPNfFQxA
DwA652r0TsRNjPUd1bDEad1f8Mb8X5QvSXrCkNn8n1DJK9zOqKaLhztt1ICr9WHQ
QQPXRIkCAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCAsQwEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUXEcNR/LSidNqZyw5qrXZnWxZsXIwdQYDVR0jBG4wbIAU
r7BhTzn5fCHgXDiUT2Yl86Fm372hQaQ/MD0xETAPBgNVBAoMCFRvckd1YXJkMSgw
JgYDVQQDDB9Ub3JHdWFyZCBQcml2YXRlIFJvb3QgQ0EgMSAyMDIwghEA4uTH0OCZ
60KUWxnXUL1MMDANBgkqhkiG9w0BAQ0FAAOCAgEAFL9QVr1qWVrtctoiq/fI865y
4hb7T5rhWiCGeGh0qqkXX3hOtY0jPD4afjAwbP5rDkxujs08ZRm2RbwfjSBSkFgS
7rFYB88wcmJqVbAzy0vKtMougY/hxZZGqXcL0pAQJuJQVIQlLo1siiVfWk4jb9ue
X/o4zjXnoqGgiziQ/pXd9sgSnWZ9u8obszbNu15Nb/9HYie9ZezB+1VYNkIiCazk
E7zeahcfX/Epje5VX7Am7romcjXpX3zwozD5kEASo7YC0FZsJx1KH5/R4vpSwSB6
QwditKGqS7giA5191lmpeHCxxLH0w4KOAlbnkpHUWWhovDqxxupi4RoxALSTD/c5
ueEck+zjDFLHM11/A7c29UczyOBaVXNmsf969jRgKodTY/gejIW8WH6OnjYpYZhn
5h70Jr0xt8rppo7BqX9UUJbIKIfqHRTBuy9MHIamkYks1SY85TyrfSsSQOSg6AlS
aM92o+jm3qoVza75Ksa8Wel3pgs6FUfAp8aPRaQ+ysYV2Qlp6Byd702VuzdIfc/1
BlMk6TYfMFiaESBensO5GTa6p8ZEXOOsN3OSRc51iZ5OEMRp1w6364JnYNK9vmdA
OJdOz5njXFgb1BetQVuMY06pT861ByCQ0tl5XZycQf2ifFoAlZSwWkP5DFV5Ozq2
dI1mOMT8mRwIDfOfBJc=
-----END CERTIFICATE-----
EOF

 

I created it, What I saw it is that ca.crt was a folder and not a file and the folder ca.crt was empty

 

[email protected]:/etc/torguard# cat ca.crt
cat: read error: Is a directory

[email protected]:/etc/torguard# cat ca.crt
cat: read error: Is a directory

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...