Update Centos 6.x to 6.9 and fail connect to Openvpn!

This week update to last vesion of centos 6.9 and find Openvpn do not work.

Error: ERROR: depth=0, error=certificate signature failure:
OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned

RHEL 6.9 / Centos 6.9 remove Deprecated Insecure Algorithms and Protocols link.

More info: CentOS 6.9 Release Notes

Solution 1: Remove old keys from your Openvpn server and create new key.
Solution 2: Add exception for keys you have now but don’t forget to change keys in soon as posible.

Exception:

echo -e “LegacySigningMDs md2 md5\nMinimumDHBits 512\n” >> /etc/pki/tls/legacy-settings
service openvpn restart

Enjoy for today !

4 thoughts on “Update Centos 6.x to 6.9 and fail connect to Openvpn!”

francenildo says:

16/12/2017 at 23:11

It did not work for me.

Reply
1. francenildo says:
  
  17/12/2017 at 00:01
  
  I have the same problem.
  Sat Dec 16 22:00:10 2017 177.149.65.35:64758 OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
  Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS_ERROR: BIO read tls_read_plaintext error
  Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS Error: TLS object -> incoming plaintext read error
  Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS Error: TLS handshake failed
  
  Reply
  1. clucian says:
    
    18/12/2017 at 06:47
    What linux do you have ?
    Did you try the 2nd variant/solution ?
    
    echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings service openvpn restart
    
    What version of openvpn is ?
    Reply
  2. francenildo says:
    
    07/04/2018 at 00:07
    
    I resolved using AES-256-GCM cipher in the server’s .conf file.
    
    Reply

February 2019
S	M	T	W	T	F	S
« Dec
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28

Related posts:

4 thoughts on “Update Centos 6.x to 6.9 and fail connect to Openvpn!”

Leave a Reply Cancel reply