hello,
i don't know where is located the server configuration.
here is the first client, it work...
proto udp
dev tap
nobind
remote 62.220.130.113 1194
tls-client
tls-auth takey.pem 1
remote-cert-tls server
resolv-retry infinite
persist-key
auth-user-pass
pkcs12 team.p12
cipher AES-256-CBC
compress lzo
pull
here is the second client, it fail...
(that's my account)
proto udp
dev tap
nobind
remote 62.220.130.113 1194
tls-client
tls-auth takey.pem 1
remote-cert-tls server
resolv-retry infinite
persist-key
auth-user-pass
pkcs12 chris.p12
cipher AES-256-CBC
compress lzo
pull
here is the log...
2020-03-26 14:23:15.604830 *Tunnelblick: macOS 10.13.6 (17G65); Tunnelblick 3.8.2 (build 5480); prior version 3.8.1 (build 5400)
2020-03-26 14:23:15.906447 *Tunnelblick: Attempting connection with chris using shadow copy; Set nameserver = 769; monitoring connection
2020-03-26 14:23:15.907301 *Tunnelblick: openvpnstart start chris.tblk 56329 769 0 1 0 1098098 -ptADGNWradsgnw 2.4.8-openssl-1.1.1e
2020-03-26 14:23:15.932953 *Tunnelblick: openvpnstart starting OpenVPN
2020-03-26 14:23:16.749524 OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Mar 22 2020
2020-03-26 14:23:16.749637 library versions: OpenSSL 1.1.1e 17 Mar 2020, LZO 2.10
2020-03-26 14:23:16.751661 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:56329
2020-03-26 14:23:16.751700 Need hold release from management interface, waiting...
2020-03-26 14:23:17.172016 *Tunnelblick: openvpnstart log:
Loading tap-notarized.kext
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.8-openssl-1.1.1e/openvpn
--daemon
--log /Library/Application Support/Tunnelblick/Logs/-SUsers-Skirrs-SLibrary-SApplication Support-STunnelblick-SConfigurations-Schris.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1098098.56329.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/kirrs/chris.tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5480 3.8.2 (build 5480)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/kirrs/chris.tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/kirrs/chris.tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/kirrs/chris.tblk/Contents/Resources
--management 127.0.0.1 56329 /Library/Application Support/Tunnelblick/pddnllmdjiempkdmafcabdffgefibeaoplbkagll.mip
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--route-pre-down /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
2020-03-26 14:23:17.184626 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:56329
2020-03-26 14:23:17.230369 MANAGEMENT: CMD 'pid'
2020-03-26 14:23:17.230456 MANAGEMENT: CMD 'auth-retry interact'
2020-03-26 14:23:17.230516 MANAGEMENT: CMD 'state on'
2020-03-26 14:23:17.230586 MANAGEMENT: CMD 'state'
2020-03-26 14:23:17.230685 MANAGEMENT: CMD 'bytecount 1'
2020-03-26 14:23:17.231990 *Tunnelblick: Established communication with OpenVPN
2020-03-26 14:23:17.233246 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
2020-03-26 14:23:17.235873 MANAGEMENT: CMD 'hold release'
2020-03-26 14:23:17.283133 *Tunnelblick: Obtained VPN username and password from the Keychain
2020-03-26 14:23:17.283983 MANAGEMENT: CMD 'username "Auth" "chris"'
2020-03-26 14:23:17.284061 MANAGEMENT: CMD 'password [...]'
2020-03-26 14:23:17.284214 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2020-03-26 14:23:17.310465 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2020-03-26 14:23:17.310499 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2020-03-26 14:23:17.310987 TCP/UDP: Preserving recently used remote address: [AF_INET]62.220.130.113:1194
2020-03-26 14:23:17.311041 Socket Buffers: R=[196724->196724] S=[9216->9216]
2020-03-26 14:23:17.311055 UDP link local: (not bound)
2020-03-26 14:23:17.311067 UDP link remote: [AF_INET]62.220.130.113:1194
2020-03-26 14:23:17.311141 MANAGEMENT: >STATE:1585228997,WAIT,,,,,,
2020-03-26 14:23:17.345902 MANAGEMENT: >STATE:1585228997,AUTH,,,,,,
2020-03-26 14:23:17.345963 TLS: Initial packet from [AF_INET]62.220.130.113:1194, sid=770f7df7 9dd292a5
2020-03-26 14:23:17.349798 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-03-26 14:23:17.381303 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=CH, ST=VD, L=Lausanne, O=Didwedo, OU=Certificate Authority, CN=Didwedo PHPki Certificate Authority, emailAddress=webmaster@didwedo.ch
2020-03-26 14:23:17.381447 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-03-26 14:23:17.381476 TLS_ERROR: BIO read tls_read_plaintext error
2020-03-26 14:23:17.381508 TLS Error: TLS object -> incoming plaintext read error
2020-03-26 14:23:17.381526 TLS Error: TLS handshake failed
2020-03-26 14:23:17.384066 SIGUSR1[soft,tls-error] received, process restarting
2020-03-26 14:23:17.384108 MANAGEMENT: >STATE:1585228997,RECONNECTING,tls-error,,,,,
2020-03-26 14:23:17.387313 MANAGEMENT: CMD 'hold release'
2020-03-26 14:23:17.387379 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2020-03-26 14:23:17.387510 TCP/UDP: Preserving recently used remote address: [AF_INET]62.220.130.113:1194
2020-03-26 14:23:17.387549 Socket Buffers: R=[196724->196724] S=[9216->9216]
2020-03-26 14:23:17.387563 UDP link local: (not bound)
2020-03-26 14:23:17.387575 UDP link remote: [AF_INET]62.220.130.113:1194
2020-03-26 14:23:20.206090 TLS: Initial packet from [AF_INET]62.220.130.113:1194, sid=33a3f629 08753570
2020-03-26 14:23:20.255091 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=CH, ST=VD, L=Lausanne, O=Didwedo, OU=Certificate Authority, CN=Didwedo PHPki Certificate Authority, emailAddress=webmaster@didwedo.ch
2020-03-26 14:23:20.255145 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-03-26 14:23:20.255159 TLS_ERROR: BIO read tls_read_plaintext error
2020-03-26 14:23:20.255169 TLS Error: TLS object -> incoming plaintext read error
2020-03-26 14:23:20.255178 TLS Error: TLS handshake failed
2020-03-26 14:23:20.255389 SIGUSR1[soft,tls-error] received, process restarting
thanks for your help