From 3becb6425264759ed6c45bd4960621c08fb20c96 Mon Sep 17 00:00:00 2001
From: Mark Robinson <Mark@CreativeTags.com>
Date: Fri, 16 Nov 2018 23:33:39 +0000
Subject: [PATCH] Swap order of auth SHA512 and cipher AES-256-CBC

I'm no expert but according to https://www.digitalocean.com/community/questions/help-with-the-following-error-tls-error-cannot-locate-hmac-in-incoming-packet-from-af_inet swapping these lines in client.conf fixes an error in the log
---
 openvpn-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 8b56327..95cd502 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -390,8 +390,8 @@ nobind
 persist-key
 persist-tun
 remote-cert-tls server
-auth SHA512
 cipher AES-256-CBC
+auth SHA512
 setenv opt block-outside-dns
 key-direction 1
 verb 3" > /etc/openvpn/client-common.txt