Failed to add server, server error occurred

vitexeon · November 8, 2025, 3:58pm

I can’t add a server to Pritunl; it immediately throws an error: Failed to add server, server error occurred.

LOG:

[2025-11-08 15:55:57,143][ERROR] Exception on /server [POST]
Traceback (most recent call last):
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 2190, in wsgi_app
response = self.full_dispatch_request()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1486, in full_dispatch_request
rv = self.handle_user_exception(e)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1484, in full_dispatch_request
rv = self.dispatch_request()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1469, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/auth/app.py”, line 10, in _wrapped
return call(*args, **kwargs)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/handlers/server.py”, line 660, in server_put_post
svr = server.new_server(
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/utils.py”, line 16, in new_server
server.initialize()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/server.py”, line 616, in initialize
self.generate_tls_auth_wait()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/server.py”, line 1569, in generate_tls_auth_wait
raise ValueError('Popen returned ’ +
ValueError: Popen returned error exit code 1

How to cure it?

zach · November 8, 2025, 11:36pm

This is likely an issue with the openssl installation.

vitexeon · November 9, 2025, 1:24am

I also thought so at first, but OpenVPN installs without errors…

Alexidze · December 21, 2025, 11:25am

I have some issue

[lithium-9036][2025-12-21 13:35:29,833][ERROR] Exception on /server [POST]
Traceback (most recent call last):
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 2190, in wsgi_app
response = self.full_dispatch_request()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1486, in full_dispatch_request
rv = self.handle_user_exception(e)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1484, in full_dispatch_request
rv = self.dispatch_request()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/flask/app.py”, line 1469, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/auth/app.py”, line 10, in _wrapped
return call(*args, **kwargs)
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/handlers/server.py”, line 660, in server_put_post
svr = server.new_server(
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/utils.py”, line 16, in new_server
server.initialize()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/server.py”, line 616, in initialize
self.generate_tls_auth_wait()
File “/usr/lib/pritunl/usr/lib/python3.9/site-packages/pritunl/server/server.py”, line 1569, in generate_tls_auth_wait
raise ValueError('Popen returned ’ +
ValueError: Popen returned error exit code 1

ubu-5:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 25.10
Release: 25.10
Codename: questing

ubu-5:~$ pritunl version
pritunl v1.32.4400.99

ubu-5:~$ mongod --version
db version v8.0.17
Build Info: {
“version”: “8.0.17”,
“gitVersion”: “b20e43625b72f4bb43cc15107f80ac966ae13b6d”,
“openSSLVersion”: “OpenSSL 3.5.3 16 Sep 2025”,
“modules”: ,
“allocator”: “tcmalloc-google”,
“environment”: {
“distmod”: “ubuntu2404”,
“distarch”: “x86_64”,
“target_arch”: “x86_64”
}
}

zach · December 21, 2025, 9:23pm

That error is from the command openvpn --genkey --secret ./test failing.

Alexidze · December 21, 2025, 9:58pm

ubu-5:~$ openvpn --genkey --secret ./test
2025-12-22 00:55:10 DEPRECATED OPTION: The option --secret is deprecated.
2025-12-22 00:55:10 WARNING: Using --genkey --secret filename is DEPRECATED. Use --genkey secret filename instead.

ubu-5:~$ openvpn --version
OpenVPN 2.6.17 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
library versions: OpenSSL 3.5.3 16 Sep 2025, LZO 2.10
DCO version: N/A
Originally developed by James Yonan
Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_dco=yes enable_dco_arg=yes enable_debug=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_unit_tests=no enable_werror=no enable_win32_dll=yes enable_wolfssl_options_h=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_openssl_engine=auto with_sysroot=no

Alexidze · December 22, 2025, 5:07am

How to avoid this?

zach · December 23, 2025, 10:47pm

It may be issues with AppArmor or some other compatibility issues with Ubuntu 25.10. The Pritunl server is only packaged for LTS releases.

trufanov-nok · January 29, 2026, 8:47pm

I have the same problem on Kubuntu 25.04. I have downgraded to oldest openvpn version possible.
```

$ openvpn --version
OpenVPN 2.6.13 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
library versions: OpenSSL 3.4.1 11 Feb 2025, LZO 2.10
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 25.04
Release: 25.04
Codename: plucky

$ pritunl version
pritunl v1.32.4512.98

$ mongod --version
db version v8.0.18
Build Info: {
“version”: “8.0.18”,
“gitVersion”: “5d1557a9ac6f1cd358cef85fd11c0fabfcfc4e2e”,
“openSSLVersion”: “OpenSSL 3.4.1 11 Feb 2025”,
“modules”: [],
“allocator”: “tcmalloc-google”,
“environment”: {
“distmod”: “ubuntu2404”,
“distarch”: “x86_64”,
“target_arch”: “x86_64”
}
}

$ openvpn --genkey --secret ./test
2026-01-29 23:46:29 DEPRECATED OPTION: The option --secret is deprecated.
2026-01-29 23:46:29 WARNING: Using --genkey --secret filename is DEPRECATED. Use --genkey secret filename instead.

$ echo $?
0

```

the openvpn exit code is 0, so it shouldn;t be a problem

trufanov-nok · January 29, 2026, 9:04pm

replaced the original code with

            fhout = open(f'/var/log/tmp/stdout.log', 'w')
            fherr = open(f'/var/log/tmp/stderr.log', 'w')
            self.tls_auth_process = subprocess.Popen(args,
                stdout=fhout, stderr=fherr)

and got in stdout.log:

2026-01-30 00:02:33 DEPRECATED OPTION: The option --secret is deprecated.
2026-01-30 00:02:33 WARNING: Using --genkey --secret filename is DEPRECATED.  Use --genkey secret filename instead.
2026-01-30 00:02:33 Cannot open file '/tmp/pritunl_9282aabe52e247d68fe612b3c5296fef/94b5cfdbb4584a1cb9ec08b6904741bb/tls_auth.key' for write: Permission denied (errno=13)
2026-01-30 00:02:33 Failed to write key file
2026-01-30 00:02:33 Exiting due to fatal error

trufanov-nok · January 29, 2026, 9:08pm

This resolves the problem: Pritunl can't connect after update to Kubuntu 25.04 - #10 by zach

zach · January 30, 2026, 1:57pm

The server should only be run on LTS Ubuntu releases. Also Kubuntu is a desktop release, the server release should be used. Even if it does run the link libraries used by the included Python could eventually be incompatible versions and the server will no longer be able to function.