OpenVPN Error: Cannot open dh1024.pem for DH parameters
When building OpenVPN on RHEL/CentOS servers as a RPM you may end up finding that the init script fails to start OpenVPN. When checking /var/log/messages you may find a error that looks simular to this.
Jan 01 01:01:01 localhost openvpn: Cannot open dh1024.pem for DH parameters: error:0200100D:system library:fopen:Permission denied: error:2006D002:BIO routines:BIO_new_file:system lib
Chances are you probably have SELINUX set to enforcing. Run the following command to see what enforcing level SELINUX is set at.
[root@localhost ~]# getenforce Enforcing
If the result returned is Enforcing then you need to disable SELINUX. You can do that by running the following command
[root@localhost ~]# setenforce 0
This is only a temp fix, the next reboot will cause SELINUX to go back into a enforcing mode. In order to disable SELINUX permanently you need to change the SELINUX value in /etc/sysconfig/selinux from enforcing to disabled. You can do this by running the following command
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux