New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refusal of weak md certificates #1393
Comments
While I do understand from the log lines / FAQ that the CA MD cert is too weak, this doesn't seem to be an issue with the OpenVPN Connect app, the same .ovpn file loads and connects just fine with this app. If anyone thinks this might be the issue with the OpenVPN for Android app let me know what/where I can make a change and see if anything changes. |
In the OpenVPN Android app, select to edit the profile. select Advanced, scroll down until you see Enable Custom Options and tick the box if it is not already ticked. Now click on Custom options and add the following line --tls-cipher DEFAULT:@SECLEVEL=0 Click OK This should make it work but is really just a temporary solution |
@wingman1487 The OpenVPN Connect app is only on OpenSSL 1.1.1 and if you look at its log closely you might already see warnings about this. When OpenVPN Connect upgrades to OpenSSL 3.0 in the near future, the problem will be present there as well. |
want to confirm it with you. |
Yes. cipher and auth are not related to this error. |
To make issues more manageable, I would appreciate it if you fill out the following details as applicable:
General information
Description of the issue
The last time the VPN worked for me was on 10/05/2021, not sure what changed since then but I am not longer able to make a connection. I have attached the log file but the below lines are what started showing up. I haven't made any changes to the Client or Server until today when doing testing, but the only changes I've made was to delete and re-import the profile. I am connecting to an AsusWRT Merlin device and using the built in OpenVPN server on the router, any help is appreciated!
The text was updated successfully, but these errors were encountered: