search

guillaumedsde / alpine-qbittorrent-openvpn

qBittorrent docker container with OpenVPN client running as unprivileged user on alpine linux
https://guillaumedsde.gitlab.io/alpine-qbittorrent-openvpn/
GNU General Public License v3.0
216 stars 39 forks source link

TLS Error: TLS object -> incoming plaintext read error #79

Open WormChickenWizard opened 3 years ago

WormChickenWizard commented 3 years ago

Information

Went to remote into the qbittorrent webui and I noticed the container didn't have internet. Usually its because the VPN connection got hung up and rebooting it seems to remedy the issue. Today however after literally changing nothing when it lost connection, I rebooted the container and the qbittorrent client never booted up. I checked the docker logs and it seems that there is some sort of TLS error preventing the VPN from initializing.

docker container logs qbittorrent

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-setup-permissions: executing... 
[cont-init.d] 01-setup-permissions: exited 0.
[cont-init.d] 02-setup-openvpn: executing... 
Wed Jul 21 23:06:48 2021 TUN/TAP device tun0 opened
Wed Jul 21 23:06:48 2021 Persist state set to: ON
INFO: Trying to use OpenVPN provider: WINDSCRIBE
A    windscribe
A    windscribe/Adelaide-Lofty-tcp.ovpn
A    windscribe/Adelaide-Lofty-udp.ovpn
A    windscribe/Adelaide-Oval-tcp.ovpn
A    windscribe/Adelaide-Oval-udp.ovpn
A    windscribe/Amsterdam-Bicycle-tcp.ovpn
A    windscribe/Amsterdam-Bicycle-udp.ovpn
A    windscribe/Amsterdam-Canal-tcp.ovpn
A    windscribe/Amsterdam-Canal-udp.ovpn
A    windscribe/Amsterdam-RedLight-tcp.ovpn
A    windscribe/Amsterdam-RedLight-udp.ovpn
A    windscribe/Amsterdam-Tulip-tcp.ovpn
A    windscribe/Amsterdam-Tulip-udp.ovpn
A    windscribe/Ashdod-YamPark-tcp.ovpn
A    windscribe/Ashdod-YamPark-udp.ovpn
A    windscribe/Athens-Agora-tcp.ovpn
A    windscribe/Athens-Agora-udp.ovpn
A    windscribe/Athens-Odeon-tcp.ovpn
A    windscribe/Athens-Odeon-udp.ovpn
A    windscribe/Athens-Parthenon-tcp.ovpn
A    windscribe/Athens-Parthenon-udp.ovpn
A    windscribe/Atlanta-Mountain-tcp.ovpn
A    windscribe/Atlanta-Mountain-udp.ovpn
A    windscribe/Atlanta-Piedmont-tcp.ovpn
A    windscribe/Atlanta-Piedmont-udp.ovpn
A    windscribe/Auckland-Hauraki-tcp.ovpn
A    windscribe/Auckland-Hauraki-udp.ovpn
A    windscribe/Auckland-Parnell-tcp.ovpn
A    windscribe/Auckland-Parnell-udp.ovpn
A    windscribe/BakuCity-Caspian-tcp.ovpn
A    windscribe/BakuCity-Caspian-udp.ovpn
A    windscribe/Bangkok-Hangover-tcp.ovpn
A    windscribe/Bangkok-Hangover-udp.ovpn
A    windscribe/Bangkok-KhaoSan-tcp.ovpn
A    windscribe/Bangkok-KhaoSan-udp.ovpn
A    windscribe/Barcelona-Batllo-tcp.ovpn
A    windscribe/Barcelona-Batllo-udp.ovpn
A    windscribe/Belgrade-Rakia-tcp.ovpn
A    windscribe/Belgrade-Rakia-udp.ovpn
A    windscribe/Bend-OregonTrail-tcp.ovpn
A    windscribe/Bend-OregonTrail-udp.ovpn
A    windscribe/Bogota-Rololandia-tcp.ovpn
A    windscribe/Bogota-Rololandia-udp.ovpn
A    windscribe/Bogota-WhiteCoffee-tcp.ovpn
A    windscribe/Bogota-WhiteCoffee-udp.ovpn
A    windscribe/Boston-MIT-tcp.ovpn
A    windscribe/Boston-MIT-udp.ovpn
A    windscribe/Bratislava-DevinCastle-tcp.ovpn
A    windscribe/Bratislava-DevinCastle-udp.ovpn
A    windscribe/Brisbane-BadKoala-tcp.ovpn
A    windscribe/Brisbane-BadKoala-udp.ovpn
A    windscribe/Brisbane-GoodKoala-tcp.ovpn
A    windscribe/Brisbane-GoodKoala-udp.ovpn
A    windscribe/Brussels-Guildhouse-tcp.ovpn
A    windscribe/Brussels-Guildhouse-udp.ovpn
A    windscribe/Bucharest-NoVampires-tcp.ovpn
A    windscribe/Bucharest-NoVampires-udp.ovpn
A    windscribe/Budapest-Danube-tcp.ovpn
A    windscribe/Budapest-Danube-udp.ovpn
A    windscribe/BuenosAires-Madero-tcp.ovpn
A    windscribe/BuenosAires-Madero-udp.ovpn
A    windscribe/BuenosAires-Tango-tcp.ovpn
A    windscribe/BuenosAires-Tango-udp.ovpn
A    windscribe/Buffalo-Bill-tcp.ovpn
A    windscribe/Buffalo-Bill-udp.ovpn
A    windscribe/Bursa-Teleferik-tcp.ovpn
A    windscribe/Bursa-Teleferik-udp.ovpn
A    windscribe/Canberra-Burley-tcp.ovpn
A    windscribe/Canberra-Burley-udp.ovpn
A    windscribe/Charlotte-Earnhardt-tcp.ovpn
A    windscribe/Charlotte-Earnhardt-udp.ovpn
A    windscribe/Chennai-Adyar-tcp.ovpn
A    windscribe/Chennai-Adyar-udp.ovpn
A    windscribe/Chicago-Cub-tcp.ovpn
A    windscribe/Chicago-Cub-udp.ovpn
A    windscribe/Chicago-TheL-tcp.ovpn
A    windscribe/Chicago-TheL-udp.ovpn
A    windscribe/Chicago-Wrigley-tcp.ovpn
A    windscribe/Chicago-Wrigley-udp.ovpn
A    windscribe/Chisinau-Dendrarium-tcp.ovpn
A    windscribe/Chisinau-Dendrarium-udp.ovpn
A    windscribe/Cleveland-Brown-tcp.ovpn
A    windscribe/Cleveland-Brown-udp.ovpn
A    windscribe/Copenhagen-Christiansborg-tcp.ovpn
A    windscribe/Copenhagen-Christiansborg-udp.ovpn
A    windscribe/Copenhagen-Rosenborg-tcp.ovpn
A    windscribe/Copenhagen-Rosenborg-udp.ovpn
A    windscribe/Dallas-Ammo-tcp.ovpn
A    windscribe/Dallas-Ammo-udp.ovpn
A    windscribe/Dallas-BBQ-tcp.ovpn
A    windscribe/Dallas-BBQ-udp.ovpn
A    windscribe/Dallas-Ranch-tcp.ovpn
A    windscribe/Dallas-Ranch-udp.ovpn
A    windscribe/Denver-Barley-tcp.ovpn
A    windscribe/Denver-Barley-udp.ovpn
A    windscribe/Denver-Hops-tcp.ovpn
A    windscribe/Denver-Hops-udp.ovpn
A    windscribe/Detroit-ConeyDog-tcp.ovpn
A    windscribe/Detroit-ConeyDog-udp.ovpn
A    windscribe/Dubai-Khalifa-tcp.ovpn
A    windscribe/Dubai-Khalifa-udp.ovpn
A    windscribe/Dublin-Dullahan-tcp.ovpn
A    windscribe/Dublin-Dullahan-udp.ovpn
A    windscribe/Dublin-Guinness-tcp.ovpn
A    windscribe/Dublin-Guinness-udp.ovpn
A    windscribe/Edinburgh-KeeperWillie-tcp.ovpn
A    windscribe/Edinburgh-KeeperWillie-udp.ovpn
A    windscribe/Frankfurt-Castle-tcp.ovpn
A    windscribe/Frankfurt-Castle-udp.ovpn
A    windscribe/Frankfurt-Wiener-tcp.ovpn
A    windscribe/Frankfurt-Wiener-udp.ovpn
A    windscribe/Guadalajara-Cabanas-tcp.ovpn
A    windscribe/Guadalajara-Cabanas-udp.ovpn
A    windscribe/Halifax-Howe-tcp.ovpn
A    windscribe/Halifax-Howe-udp.ovpn
A    windscribe/Hanoi-RedRiver-tcp.ovpn
A    windscribe/Hanoi-RedRiver-udp.ovpn
A    windscribe/Helsinki-Sauna-tcp.ovpn
A    windscribe/Helsinki-Sauna-udp.ovpn
A    windscribe/Helsinki-Tram-tcp.ovpn
A    windscribe/Helsinki-Tram-udp.ovpn
A    windscribe/HongKong-Phooey-tcp.ovpn
A    windscribe/HongKong-Phooey-udp.ovpn
A    windscribe/HongKong-Victoria-tcp.ovpn
A    windscribe/HongKong-Victoria-udp.ovpn
A    windscribe/Istanbul-Ataturk-tcp.ovpn
A    windscribe/Istanbul-Ataturk-udp.ovpn
A    windscribe/Istanbul-Galata-tcp.ovpn
A    windscribe/Istanbul-Galata-udp.ovpn
A    windscribe/Istanbul-Ottoman-tcp.ovpn
A    windscribe/Istanbul-Ottoman-udp.ovpn
A    windscribe/Jakarta-Menteng-tcp.ovpn
A    windscribe/Jakarta-Menteng-udp.ovpn
A    windscribe/Jerusalem-Zion-tcp.ovpn
A    windscribe/Jerusalem-Zion-udp.ovpn
A    windscribe/Johannesburg-District-tcp.ovpn
A    windscribe/Johannesburg-District-udp.ovpn
A    windscribe/Johannesburg-EllisPark-tcp.ovpn
A    windscribe/Johannesburg-EllisPark-udp.ovpn
A    windscribe/Johannesburg-Lindfield-tcp.ovpn
A    windscribe/Johannesburg-Lindfield-udp.ovpn
A    windscribe/KansasCity-Glinda-tcp.ovpn
A    windscribe/KansasCity-Glinda-udp.ovpn
A    windscribe/KualaLumpur-Perdana-tcp.ovpn
A    windscribe/KualaLumpur-Perdana-udp.ovpn
A    windscribe/Kyiv-Borscht-tcp.ovpn
A    windscribe/Kyiv-Borscht-udp.ovpn
A    windscribe/LasVegas-Casino-tcp.ovpn
A    windscribe/LasVegas-Casino-udp.ovpn
A    windscribe/Lima-Amaru-tcp.ovpn
A    windscribe/Lima-Amaru-udp.ovpn
A    windscribe/Lisbon-Bairro-tcp.ovpn
A    windscribe/Lisbon-Bairro-udp.ovpn
A    windscribe/London-Biscuits-tcp.ovpn
A    windscribe/London-Biscuits-udp.ovpn
A    windscribe/London-Crumpets-tcp.ovpn
A    windscribe/London-Crumpets-udp.ovpn
A    windscribe/London-Custard-tcp.ovpn
A    windscribe/London-Custard-udp.ovpn
A    windscribe/London-TheTube-tcp.ovpn
A    windscribe/London-TheTube-udp.ovpn
A    windscribe/LosAngeles-Cube-tcp.ovpn
A    windscribe/LosAngeles-Cube-udp.ovpn
A    windscribe/LosAngeles-Dogg-tcp.ovpn
A    windscribe/LosAngeles-Dogg-udp.ovpn
A    windscribe/LosAngeles-Eazy-tcp.ovpn
A    windscribe/LosAngeles-Eazy-udp.ovpn
A    windscribe/LosAngeles-Lamar-tcp.ovpn
A    windscribe/LosAngeles-Lamar-udp.ovpn
A    windscribe/LosAngeles-Pac-tcp.ovpn
A    windscribe/LosAngeles-Pac-udp.ovpn
A    windscribe/Madrid-Prado-tcp.ovpn
A    windscribe/Madrid-Prado-udp.ovpn
A    windscribe/Manchester-United-tcp.ovpn
A    windscribe/Manchester-United-udp.ovpn
A    windscribe/Manila-Pasig-tcp.ovpn
A    windscribe/Manila-Pasig-udp.ovpn
A    windscribe/Melbourne-PortPhillip-tcp.ovpn
A    windscribe/Melbourne-PortPhillip-udp.ovpn
A    windscribe/Melbourne-Yarra-tcp.ovpn
A    windscribe/Melbourne-Yarra-udp.ovpn
A    windscribe/MexicoCity-Cojones-tcp.ovpn
A    windscribe/MexicoCity-Cojones-udp.ovpn
A    windscribe/Miami-FloridaMan-tcp.ovpn
A    windscribe/Miami-FloridaMan-udp.ovpn
A    windscribe/Miami-Snow-tcp.ovpn
A    windscribe/Miami-Snow-udp.ovpn
A    windscribe/Miami-Vice-tcp.ovpn
A    windscribe/Miami-Vice-udp.ovpn
A    windscribe/Milan-Duomo-tcp.ovpn
A    windscribe/Milan-Duomo-udp.ovpn
A    windscribe/Milan-Galleria-tcp.ovpn
A    windscribe/Milan-Galleria-udp.ovpn
A    windscribe/Montreal-BagelPoutine-tcp.ovpn
A    windscribe/Montreal-BagelPoutine-udp.ovpn
A    windscribe/Montreal-Expo67-tcp.ovpn
A    windscribe/Montreal-Expo67-udp.ovpn
A    windscribe/Montreal-OldPort-tcp.ovpn
A    windscribe/Montreal-OldPort-udp.ovpn
A    windscribe/Moscow-SleepyLenin-tcp.ovpn
A    windscribe/Moscow-SleepyLenin-udp.ovpn
A    windscribe/Mumbai-Mahim-tcp.ovpn
A    windscribe/Mumbai-Mahim-udp.ovpn
A    windscribe/NewJersey-Situation-tcp.ovpn
A    windscribe/NewJersey-Situation-udp.ovpn
A    windscribe/NewYork-Empire-tcp.ovpn
A    windscribe/NewYork-Empire-udp.ovpn
A    windscribe/NewYork-Gotham-tcp.ovpn
A    windscribe/NewYork-Gotham-udp.ovpn
A    windscribe/NewYork-Insomnia-tcp.ovpn
A    windscribe/NewYork-Insomnia-udp.ovpn
A    windscribe/NewYork-Radiohall-tcp.ovpn
A    windscribe/NewYork-Radiohall-udp.ovpn
A    windscribe/Nicosia-BlueLagoon-tcp.ovpn
A    windscribe/Nicosia-BlueLagoon-udp.ovpn
A    windscribe/Orlando-TofuDriver-tcp.ovpn
A    windscribe/Orlando-TofuDriver-udp.ovpn
A    windscribe/Oslo-Fjord-tcp.ovpn
A    windscribe/Oslo-Fjord-udp.ovpn
A    windscribe/PanamaCity-Papers-tcp.ovpn
A    windscribe/PanamaCity-Papers-udp.ovpn
A    windscribe/Paris-Jardin-tcp.ovpn
A    windscribe/Paris-Jardin-udp.ovpn
A    windscribe/Paris-Seine-tcp.ovpn
A    windscribe/Paris-Seine-udp.ovpn
A    windscribe/Perth-Herdsman-tcp.ovpn
A    windscribe/Perth-Herdsman-udp.ovpn
A    windscribe/Perth-KingsPark-tcp.ovpn
A    windscribe/Perth-KingsPark-udp.ovpn
A    windscribe/Philadelphia-Cheese-tcp.ovpn
A    windscribe/Philadelphia-Cheese-udp.ovpn
A    windscribe/Philadelphia-FreshPrince-tcp.ovpn
A    windscribe/Philadelphia-FreshPrince-udp.ovpn
A    windscribe/Phoenix-Floatie-tcp.ovpn
A    windscribe/Phoenix-Floatie-udp.ovpn
A    windscribe/Prague-Staromak-tcp.ovpn
A    windscribe/Prague-Staromak-udp.ovpn
A    windscribe/Prague-Vltava-tcp.ovpn
A    windscribe/Prague-Vltava-udp.ovpn
A    windscribe/Pune-Mutha-tcp.ovpn
A    windscribe/Pune-Mutha-udp.ovpn
A    windscribe/Reykjavik-FuzzyPony-tcp.ovpn
A    windscribe/Reykjavik-FuzzyPony-udp.ovpn
A    windscribe/Reykjavik-Reyka-tcp.ovpn
A    windscribe/Reykjavik-Reyka-udp.ovpn
A    windscribe/Riga-Daugava-tcp.ovpn
A    windscribe/Riga-Daugava-udp.ovpn
A    windscribe/Riga-Vecriga-tcp.ovpn
A    windscribe/Riga-Vecriga-udp.ovpn
A    windscribe/Rome-Colosseum-tcp.ovpn
A    windscribe/Rome-Colosseum-udp.ovpn
A    windscribe/SaintPetersburg-Hermitage-tcp.ovpn
A    windscribe/SaintPetersburg-Hermitage-udp.ovpn
A    windscribe/SaintPetersburg-Shnur-tcp.ovpn
A    windscribe/SaintPetersburg-Shnur-udp.ovpn
A    windscribe/SanAntonio-Zambales-tcp.ovpn
A    windscribe/SanAntonio-Zambales-udp.ovpn
A    windscribe/SanFrancisco-Sanitation-tcp.ovpn
A    windscribe/SanFrancisco-Sanitation-udp.ovpn
A    windscribe/SanJose-Santana-tcp.ovpn
A    windscribe/SanJose-Santana-udp.ovpn
A    windscribe/SantaClara-Inside-tcp.ovpn
A    windscribe/SantaClara-Inside-udp.ovpn
A    windscribe/Santiago-Cueca-tcp.ovpn
A    windscribe/Santiago-Cueca-udp.ovpn
A    windscribe/SaoPaulo-Mercadao-tcp.ovpn
A    windscribe/SaoPaulo-Mercadao-udp.ovpn
A    windscribe/SaoPaulo-Pinacoteca-tcp.ovpn
A    windscribe/SaoPaulo-Pinacoteca-udp.ovpn
A    windscribe/Sarajevo-Burek-tcp.ovpn
A    windscribe/Sarajevo-Burek-udp.ovpn
A    windscribe/Seattle-Cobain-tcp.ovpn
A    windscribe/Seattle-Cobain-udp.ovpn
A    windscribe/Seattle-Cornell-tcp.ovpn
A    windscribe/Seattle-Cornell-udp.ovpn
A    windscribe/Seattle-Hendrix-tcp.ovpn
A    windscribe/Seattle-Hendrix-udp.ovpn
A    windscribe/Seoul-Bukhansan-tcp.ovpn
A    windscribe/Seoul-Bukhansan-udp.ovpn
A    windscribe/Seoul-Hangang-tcp.ovpn
A    windscribe/Seoul-Hangang-udp.ovpn
A    windscribe/Seoul-Metro-tcp.ovpn
A    windscribe/Seoul-Metro-udp.ovpn
A    windscribe/Siauliai-Talksa-tcp.ovpn
A    windscribe/Siauliai-Talksa-udp.ovpn
A    windscribe/Singapore-Garden-tcp.ovpn
A    windscribe/Singapore-Garden-udp.ovpn
A    windscribe/Singapore-MarinaBay-tcp.ovpn
A    windscribe/Singapore-MarinaBay-udp.ovpn
A    windscribe/Singapore-SMRT-tcp.ovpn
A    windscribe/Singapore-SMRT-udp.ovpn
A    windscribe/Skopje-Vardar-tcp.ovpn
A    windscribe/Skopje-Vardar-udp.ovpn
A    windscribe/Sofia-Nevski-tcp.ovpn
A    windscribe/Sofia-Nevski-udp.ovpn
A    windscribe/Stockholm-Djurgarden-tcp.ovpn
A    windscribe/Stockholm-Djurgarden-udp.ovpn
A    windscribe/Stockholm-Ikea-tcp.ovpn
A    windscribe/Stockholm-Ikea-udp.ovpn
A    windscribe/Stockholm-Syndrome-tcp.ovpn
A    windscribe/Stockholm-Syndrome-udp.ovpn
A    windscribe/Sydney-OperaHouse-tcp.ovpn
A    windscribe/Sydney-OperaHouse-udp.ovpn
A    windscribe/Sydney-Squidney-tcp.ovpn
A    windscribe/Sydney-Squidney-udp.ovpn
A    windscribe/Taipei-Datong-tcp.ovpn
A    windscribe/Taipei-Datong-udp.ovpn
A    windscribe/Tallinn-KiekindeKok-tcp.ovpn
A    windscribe/Tallinn-KiekindeKok-udp.ovpn
A    windscribe/Tallinn-Lennujaam-tcp.ovpn
A    windscribe/Tallinn-Lennujaam-udp.ovpn
A    windscribe/Tampa-CubanSandwich-tcp.ovpn
A    windscribe/Tampa-CubanSandwich-udp.ovpn
A    windscribe/Tirana-Besa-tcp.ovpn
A    windscribe/Tirana-Besa-udp.ovpn
A    windscribe/Tokyo-Bosozoku-tcp.ovpn
A    windscribe/Tokyo-Bosozoku-udp.ovpn
A    windscribe/Tokyo-Drift-tcp.ovpn
A    windscribe/Tokyo-Drift-udp.ovpn
A    windscribe/Tokyo-Kaiju-tcp.ovpn
A    windscribe/Tokyo-Kaiju-udp.ovpn
A    windscribe/Toronto-ComfortZone-tcp.ovpn
A    windscribe/Toronto-ComfortZone-udp.ovpn
A    windscribe/Toronto-Mansbridge-tcp.ovpn
A    windscribe/Toronto-Mansbridge-udp.ovpn
A    windscribe/Toronto-The6-tcp.ovpn
A    windscribe/Toronto-The6-udp.ovpn
A    windscribe/Troll-Station-tcp.ovpn
A    windscribe/Troll-Station-udp.ovpn
A    windscribe/Tunis-Medina-tcp.ovpn
A    windscribe/Tunis-Medina-udp.ovpn
A    windscribe/Vancouver-Granville-tcp.ovpn
A    windscribe/Vancouver-Granville-udp.ovpn
A    windscribe/Vancouver-Stanley-tcp.ovpn
A    windscribe/Vancouver-Stanley-udp.ovpn
A    windscribe/Vancouver-Vansterdam-tcp.ovpn
A    windscribe/Vancouver-Vansterdam-udp.ovpn
A    windscribe/Vienna-Boltzmann-tcp.ovpn
A    windscribe/Vienna-Boltzmann-udp.ovpn
A    windscribe/Vienna-Hofburg-tcp.ovpn
A    windscribe/Vienna-Hofburg-udp.ovpn
A    windscribe/Warsaw-Chopin-tcp.ovpn
A    windscribe/Warsaw-Chopin-udp.ovpn
A    windscribe/Warsaw-Curie-tcp.ovpn
A    windscribe/Warsaw-Curie-udp.ovpn
A    windscribe/Warsaw-Vistula-tcp.ovpn
A    windscribe/Warsaw-Vistula-udp.ovpn
A    windscribe/WashingtonDC-Precedent-tcp.ovpn
A    windscribe/WashingtonDC-Precedent-udp.ovpn
A    windscribe/Zagreb-Tkalciceva-tcp.ovpn
A    windscribe/Zagreb-Tkalciceva-udp.ovpn
A    windscribe/Zurich-Alphorn-tcp.ovpn
A    windscribe/Zurich-Alphorn-udp.ovpn
A    windscribe/Zurich-Altstadt-tcp.ovpn
A    windscribe/Zurich-Altstadt-udp.ovpn
A    windscribe/Zurich-Lindenhof-tcp.ovpn
A    windscribe/Zurich-Lindenhof-udp.ovpn
A    windscribe/default.ovpn
Exported revision 3075.
INFO: Found OpenVPN configuration: "HongKong-Phooey-udp" for provider "WINDSCRIBE" using it
[cont-init.d] 02-setup-openvpn: exited 0.
[cont-init.d] 03-setup-iptables: executing... 
[cont-init.d] 03-setup-iptables: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Wed Jul 21 23:06:57 2021 OpenVPN 2.4.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan  4 2021
Wed Jul 21 23:06:57 2021 library versions: OpenSSL 1.1.1i  8 Dec 2020, LZO 2.10
Wed Jul 21 23:06:57 2021 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Wed Jul 21 23:06:57 2021 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Wed Jul 21 23:06:57 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:06:57 2021 UDP link local: (not bound)
Wed Jul 21 23:06:57 2021 UDP link remote: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:06:58 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Wed Jul 21 23:06:58 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 21 23:06:58 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 21 23:06:58 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 21 23:06:58 2021 TLS Error: TLS handshake failed
Wed Jul 21 23:06:58 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 21 23:07:03 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:03 2021 UDP link local: (not bound)
Wed Jul 21 23:07:03 2021 UDP link remote: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:03 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Wed Jul 21 23:07:03 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 21 23:07:03 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 21 23:07:03 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 21 23:07:03 2021 TLS Error: TLS handshake failed
Wed Jul 21 23:07:03 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 21 23:07:08 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:08 2021 UDP link local: (not bound)
Wed Jul 21 23:07:08 2021 UDP link remote: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:09 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Wed Jul 21 23:07:09 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 21 23:07:09 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 21 23:07:09 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 21 23:07:09 2021 TLS Error: TLS handshake failed
Wed Jul 21 23:07:09 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 21 23:07:14 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:14 2021 UDP link local: (not bound)
Wed Jul 21 23:07:14 2021 UDP link remote: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:19 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Wed Jul 21 23:07:19 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 21 23:07:19 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 21 23:07:19 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 21 23:07:19 2021 TLS Error: TLS handshake failed
Wed Jul 21 23:07:19 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 21 23:07:24 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:24 2021 UDP link local: (not bound)
Wed Jul 21 23:07:24 2021 UDP link remote: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:29 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Wed Jul 21 23:07:29 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 21 23:07:29 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 21 23:07:29 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 21 23:07:29 2021 TLS Error: TLS handshake failed
Wed Jul 21 23:07:29 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 21 23:07:39 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.57.114:1194
Wed Jul 21 23:07:39 2021 UDP link local: (not bound)
Wed Jul 21 23:07:39 2021 UDP link remote: [AF_INET]84.17.57.114:1194

Current setup

information about your current setup

docker image tag (ex: python, latest, 32242d1 ...) latest
docker image hash (ex: 603b78e07727) 28b3f5d6c9ce

docker-compose.yml file or docker run command

how did you start the container? (don't forget to use backticks for creating a proper code block)

  # Install qbittorrent with built-in openvpn client
  alpine-qbittorrent-openvpn:
    container_name: qbittorrent
    image: guillaumedsde/alpine-qbittorrent-openvpn:latest
    restart: unless-stopped
    networks:
      group_default:
        ipv4_address: 172.18.0.4
    ports:
      - "8080:8080"
    cap_add:
      - NET_ADMIN
    volumes:
      - /home/docker/qbittorrent/downloads:/downloads
      - /home/docker/qbittorrent/config:/config
      - /etc/localtime:/etc/localtime:ro
      - /mnt/gdrive:/mnt/gdrive/
    environment:
      - OPENVPN_PROVIDER=WINDSCRIBE
      - OPENVPN_CONFIG=HongKong-Phooey-udp
      - OPENVPN_USERNAME=secret
      - OPENVPN_PASSWORD=secret
      - PUID=1000
      - PGID=1000
      - LAN=192.168.1.0/24
    dns:
      - 10.255.255.1
      - 1.1.1.1
      - 1.0.0.1

Attempted Fix(es)

I tried switching servers and removing the dns entry from the docker-compose file and the issue still persists.

sylvesterroos commented 3 years ago

Same issue with me. Fresh install of the image.

Logs:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-setup-permissions: executing...
[cont-init.d] 01-setup-permissions: exited 0.
[cont-init.d] 02-setup-openvpn: executing...
Thu Jul 22 16:52:45 2021 TUN/TAP device tun0 opened
Thu Jul 22 16:52:45 2021 Persist state set to: ON
INFO: Trying to use OpenVPN provider: WINDSCRIBE
A    windscribe
A    windscribe/Adelaide-Lofty-tcp.ovpn
A    windscribe/Adelaide-Lofty-udp.ovpn
A    windscribe/Adelaide-Oval-tcp.ovpn
A    windscribe/Adelaide-Oval-udp.ovpn
A    windscribe/Amsterdam-Bicycle-tcp.ovpn
A    windscribe/Amsterdam-Bicycle-udp.ovpn
A    windscribe/Amsterdam-Canal-tcp.ovpn
A    windscribe/Amsterdam-Canal-udp.ovpn
A    windscribe/Amsterdam-RedLight-tcp.ovpn
A    windscribe/Amsterdam-RedLight-udp.ovpn
A    windscribe/Amsterdam-Tulip-tcp.ovpn
A    windscribe/Amsterdam-Tulip-udp.ovpn
A    windscribe/Ashdod-YamPark-tcp.ovpn
A    windscribe/Ashdod-YamPark-udp.ovpn
A    windscribe/Athens-Agora-tcp.ovpn
A    windscribe/Athens-Agora-udp.ovpn
A    windscribe/Athens-Odeon-tcp.ovpn
A    windscribe/Athens-Odeon-udp.ovpn
A    windscribe/Athens-Parthenon-tcp.ovpn
A    windscribe/Athens-Parthenon-udp.ovpn
A    windscribe/Atlanta-Mountain-tcp.ovpn
A    windscribe/Atlanta-Mountain-udp.ovpn
A    windscribe/Atlanta-Piedmont-tcp.ovpn
A    windscribe/Atlanta-Piedmont-udp.ovpn
A    windscribe/Auckland-Hauraki-tcp.ovpn
A    windscribe/Auckland-Hauraki-udp.ovpn
A    windscribe/Auckland-Parnell-tcp.ovpn
A    windscribe/Auckland-Parnell-udp.ovpn
A    windscribe/BakuCity-Caspian-tcp.ovpn
A    windscribe/BakuCity-Caspian-udp.ovpn
A    windscribe/Bangkok-Hangover-tcp.ovpn
A    windscribe/Bangkok-Hangover-udp.ovpn
A    windscribe/Bangkok-KhaoSan-tcp.ovpn
A    windscribe/Bangkok-KhaoSan-udp.ovpn
A    windscribe/Barcelona-Batllo-tcp.ovpn
A    windscribe/Barcelona-Batllo-udp.ovpn
A    windscribe/Belgrade-Rakia-tcp.ovpn
A    windscribe/Belgrade-Rakia-udp.ovpn
A    windscribe/Bend-OregonTrail-tcp.ovpn
A    windscribe/Bend-OregonTrail-udp.ovpn
A    windscribe/Bogota-Rololandia-tcp.ovpn
A    windscribe/Bogota-Rololandia-udp.ovpn
A    windscribe/Bogota-WhiteCoffee-tcp.ovpn
A    windscribe/Bogota-WhiteCoffee-udp.ovpn
A    windscribe/Boston-MIT-tcp.ovpn
A    windscribe/Boston-MIT-udp.ovpn
A    windscribe/Bratislava-DevinCastle-tcp.ovpn
A    windscribe/Bratislava-DevinCastle-udp.ovpn
A    windscribe/Brisbane-BadKoala-tcp.ovpn
A    windscribe/Brisbane-BadKoala-udp.ovpn
A    windscribe/Brisbane-GoodKoala-tcp.ovpn
A    windscribe/Brisbane-GoodKoala-udp.ovpn
A    windscribe/Brussels-Guildhouse-tcp.ovpn
A    windscribe/Brussels-Guildhouse-udp.ovpn
A    windscribe/Bucharest-NoVampires-tcp.ovpn
A    windscribe/Bucharest-NoVampires-udp.ovpn
A    windscribe/Budapest-Danube-tcp.ovpn
A    windscribe/Budapest-Danube-udp.ovpn
A    windscribe/BuenosAires-Madero-tcp.ovpn
A    windscribe/BuenosAires-Madero-udp.ovpn
A    windscribe/BuenosAires-Tango-tcp.ovpn
A    windscribe/BuenosAires-Tango-udp.ovpn
A    windscribe/Buffalo-Bill-tcp.ovpn
A    windscribe/Buffalo-Bill-udp.ovpn
A    windscribe/Bursa-Teleferik-tcp.ovpn
A    windscribe/Bursa-Teleferik-udp.ovpn
A    windscribe/Canberra-Burley-tcp.ovpn
A    windscribe/Canberra-Burley-udp.ovpn
A    windscribe/Charlotte-Earnhardt-tcp.ovpn
A    windscribe/Charlotte-Earnhardt-udp.ovpn
A    windscribe/Chennai-Adyar-tcp.ovpn
A    windscribe/Chennai-Adyar-udp.ovpn
A    windscribe/Chicago-Cub-tcp.ovpn
A    windscribe/Chicago-Cub-udp.ovpn
A    windscribe/Chicago-TheL-tcp.ovpn
A    windscribe/Chicago-TheL-udp.ovpn
A    windscribe/Chicago-Wrigley-tcp.ovpn
A    windscribe/Chicago-Wrigley-udp.ovpn
A    windscribe/Chisinau-Dendrarium-tcp.ovpn
A    windscribe/Chisinau-Dendrarium-udp.ovpn
A    windscribe/Cleveland-Brown-tcp.ovpn
A    windscribe/Cleveland-Brown-udp.ovpn
A    windscribe/Copenhagen-Christiansborg-tcp.ovpn
A    windscribe/Copenhagen-Christiansborg-udp.ovpn
A    windscribe/Copenhagen-Rosenborg-tcp.ovpn
A    windscribe/Copenhagen-Rosenborg-udp.ovpn
A    windscribe/Dallas-Ammo-tcp.ovpn
A    windscribe/Dallas-Ammo-udp.ovpn
A    windscribe/Dallas-BBQ-tcp.ovpn
A    windscribe/Dallas-BBQ-udp.ovpn
A    windscribe/Dallas-Ranch-tcp.ovpn
A    windscribe/Dallas-Ranch-udp.ovpn
A    windscribe/Denver-Barley-tcp.ovpn
A    windscribe/Denver-Barley-udp.ovpn
A    windscribe/Denver-Hops-tcp.ovpn
A    windscribe/Denver-Hops-udp.ovpn
A    windscribe/Detroit-ConeyDog-tcp.ovpn
A    windscribe/Detroit-ConeyDog-udp.ovpn
A    windscribe/Dubai-Khalifa-tcp.ovpn
A    windscribe/Dubai-Khalifa-udp.ovpn
A    windscribe/Dublin-Dullahan-tcp.ovpn
A    windscribe/Dublin-Dullahan-udp.ovpn
A    windscribe/Dublin-Guinness-tcp.ovpn
A    windscribe/Dublin-Guinness-udp.ovpn
A    windscribe/Edinburgh-KeeperWillie-tcp.ovpn
A    windscribe/Edinburgh-KeeperWillie-udp.ovpn
A    windscribe/Frankfurt-Castle-tcp.ovpn
A    windscribe/Frankfurt-Castle-udp.ovpn
A    windscribe/Frankfurt-Wiener-tcp.ovpn
A    windscribe/Frankfurt-Wiener-udp.ovpn
A    windscribe/Guadalajara-Cabanas-tcp.ovpn
A    windscribe/Guadalajara-Cabanas-udp.ovpn
A    windscribe/Halifax-Howe-tcp.ovpn
A    windscribe/Halifax-Howe-udp.ovpn
A    windscribe/Hanoi-RedRiver-tcp.ovpn
A    windscribe/Hanoi-RedRiver-udp.ovpn
A    windscribe/Helsinki-Sauna-tcp.ovpn
A    windscribe/Helsinki-Sauna-udp.ovpn
A    windscribe/Helsinki-Tram-tcp.ovpn
A    windscribe/Helsinki-Tram-udp.ovpn
A    windscribe/HongKong-Phooey-tcp.ovpn
A    windscribe/HongKong-Phooey-udp.ovpn
A    windscribe/HongKong-Victoria-tcp.ovpn
A    windscribe/HongKong-Victoria-udp.ovpn
A    windscribe/Istanbul-Ataturk-tcp.ovpn
A    windscribe/Istanbul-Ataturk-udp.ovpn
A    windscribe/Istanbul-Galata-tcp.ovpn
A    windscribe/Istanbul-Galata-udp.ovpn
A    windscribe/Istanbul-Ottoman-tcp.ovpn
A    windscribe/Istanbul-Ottoman-udp.ovpn
A    windscribe/Jakarta-Menteng-tcp.ovpn
A    windscribe/Jakarta-Menteng-udp.ovpn
A    windscribe/Jerusalem-Zion-tcp.ovpn
A    windscribe/Jerusalem-Zion-udp.ovpn
A    windscribe/Johannesburg-District-tcp.ovpn
A    windscribe/Johannesburg-District-udp.ovpn
A    windscribe/Johannesburg-EllisPark-tcp.ovpn
A    windscribe/Johannesburg-EllisPark-udp.ovpn
A    windscribe/Johannesburg-Lindfield-tcp.ovpn
A    windscribe/Johannesburg-Lindfield-udp.ovpn
A    windscribe/KansasCity-Glinda-tcp.ovpn
A    windscribe/KansasCity-Glinda-udp.ovpn
A    windscribe/KualaLumpur-Perdana-tcp.ovpn
A    windscribe/KualaLumpur-Perdana-udp.ovpn
A    windscribe/Kyiv-Borscht-tcp.ovpn
A    windscribe/Kyiv-Borscht-udp.ovpn
A    windscribe/LasVegas-Casino-tcp.ovpn
A    windscribe/LasVegas-Casino-udp.ovpn
A    windscribe/Lima-Amaru-tcp.ovpn
A    windscribe/Lima-Amaru-udp.ovpn
A    windscribe/Lisbon-Bairro-tcp.ovpn
A    windscribe/Lisbon-Bairro-udp.ovpn
A    windscribe/London-Biscuits-tcp.ovpn
A    windscribe/London-Biscuits-udp.ovpn
A    windscribe/London-Crumpets-tcp.ovpn
A    windscribe/London-Crumpets-udp.ovpn
A    windscribe/London-Custard-tcp.ovpn
A    windscribe/London-Custard-udp.ovpn
A    windscribe/London-TheTube-tcp.ovpn
A    windscribe/London-TheTube-udp.ovpn
A    windscribe/LosAngeles-Cube-tcp.ovpn
A    windscribe/LosAngeles-Cube-udp.ovpn
A    windscribe/LosAngeles-Dogg-tcp.ovpn
A    windscribe/LosAngeles-Dogg-udp.ovpn
A    windscribe/LosAngeles-Eazy-tcp.ovpn
A    windscribe/LosAngeles-Eazy-udp.ovpn
A    windscribe/LosAngeles-Lamar-tcp.ovpn
A    windscribe/LosAngeles-Lamar-udp.ovpn
A    windscribe/LosAngeles-Pac-tcp.ovpn
A    windscribe/LosAngeles-Pac-udp.ovpn
A    windscribe/Madrid-Prado-tcp.ovpn
A    windscribe/Madrid-Prado-udp.ovpn
A    windscribe/Manchester-United-tcp.ovpn
A    windscribe/Manchester-United-udp.ovpn
A    windscribe/Manila-Pasig-tcp.ovpn
A    windscribe/Manila-Pasig-udp.ovpn
A    windscribe/Melbourne-PortPhillip-tcp.ovpn
A    windscribe/Melbourne-PortPhillip-udp.ovpn
A    windscribe/Melbourne-Yarra-tcp.ovpn
A    windscribe/Melbourne-Yarra-udp.ovpn
A    windscribe/MexicoCity-Cojones-tcp.ovpn
A    windscribe/MexicoCity-Cojones-udp.ovpn
A    windscribe/Miami-FloridaMan-tcp.ovpn
A    windscribe/Miami-FloridaMan-udp.ovpn
A    windscribe/Miami-Snow-tcp.ovpn
A    windscribe/Miami-Snow-udp.ovpn
A    windscribe/Miami-Vice-tcp.ovpn
A    windscribe/Miami-Vice-udp.ovpn
A    windscribe/Milan-Duomo-tcp.ovpn
A    windscribe/Milan-Duomo-udp.ovpn
A    windscribe/Milan-Galleria-tcp.ovpn
A    windscribe/Milan-Galleria-udp.ovpn
A    windscribe/Montreal-BagelPoutine-tcp.ovpn
A    windscribe/Montreal-BagelPoutine-udp.ovpn
A    windscribe/Montreal-Expo67-tcp.ovpn
A    windscribe/Montreal-Expo67-udp.ovpn
A    windscribe/Montreal-OldPort-tcp.ovpn
A    windscribe/Montreal-OldPort-udp.ovpn
A    windscribe/Moscow-SleepyLenin-tcp.ovpn
A    windscribe/Moscow-SleepyLenin-udp.ovpn
A    windscribe/Mumbai-Mahim-tcp.ovpn
A    windscribe/Mumbai-Mahim-udp.ovpn
A    windscribe/NewJersey-Situation-tcp.ovpn
A    windscribe/NewJersey-Situation-udp.ovpn
A    windscribe/NewYork-Empire-tcp.ovpn
A    windscribe/NewYork-Empire-udp.ovpn
A    windscribe/NewYork-Gotham-tcp.ovpn
A    windscribe/NewYork-Gotham-udp.ovpn
A    windscribe/NewYork-Insomnia-tcp.ovpn
A    windscribe/NewYork-Insomnia-udp.ovpn
A    windscribe/NewYork-Radiohall-tcp.ovpn
A    windscribe/NewYork-Radiohall-udp.ovpn
A    windscribe/Nicosia-BlueLagoon-tcp.ovpn
A    windscribe/Nicosia-BlueLagoon-udp.ovpn
A    windscribe/Orlando-TofuDriver-tcp.ovpn
A    windscribe/Orlando-TofuDriver-udp.ovpn
A    windscribe/Oslo-Fjord-tcp.ovpn
A    windscribe/Oslo-Fjord-udp.ovpn
A    windscribe/PanamaCity-Papers-tcp.ovpn
A    windscribe/PanamaCity-Papers-udp.ovpn
A    windscribe/Paris-Jardin-tcp.ovpn
A    windscribe/Paris-Jardin-udp.ovpn
A    windscribe/Paris-Seine-tcp.ovpn
A    windscribe/Paris-Seine-udp.ovpn
A    windscribe/Perth-Herdsman-tcp.ovpn
A    windscribe/Perth-Herdsman-udp.ovpn
A    windscribe/Perth-KingsPark-tcp.ovpn
A    windscribe/Perth-KingsPark-udp.ovpn
A    windscribe/Philadelphia-Cheese-tcp.ovpn
A    windscribe/Philadelphia-Cheese-udp.ovpn
A    windscribe/Philadelphia-FreshPrince-tcp.ovpn
A    windscribe/Philadelphia-FreshPrince-udp.ovpn
A    windscribe/Phoenix-Floatie-tcp.ovpn
A    windscribe/Phoenix-Floatie-udp.ovpn
A    windscribe/Prague-Staromak-tcp.ovpn
A    windscribe/Prague-Staromak-udp.ovpn
A    windscribe/Prague-Vltava-tcp.ovpn
A    windscribe/Prague-Vltava-udp.ovpn
A    windscribe/Pune-Mutha-tcp.ovpn
A    windscribe/Pune-Mutha-udp.ovpn
A    windscribe/Reykjavik-FuzzyPony-tcp.ovpn
A    windscribe/Reykjavik-FuzzyPony-udp.ovpn
A    windscribe/Reykjavik-Reyka-tcp.ovpn
A    windscribe/Reykjavik-Reyka-udp.ovpn
A    windscribe/Riga-Daugava-tcp.ovpn
A    windscribe/Riga-Daugava-udp.ovpn
A    windscribe/Riga-Vecriga-tcp.ovpn
A    windscribe/Riga-Vecriga-udp.ovpn
A    windscribe/Rome-Colosseum-tcp.ovpn
A    windscribe/Rome-Colosseum-udp.ovpn
A    windscribe/SaintPetersburg-Hermitage-tcp.ovpn
A    windscribe/SaintPetersburg-Hermitage-udp.ovpn
A    windscribe/SaintPetersburg-Shnur-tcp.ovpn
A    windscribe/SaintPetersburg-Shnur-udp.ovpn
A    windscribe/SanAntonio-Zambales-tcp.ovpn
A    windscribe/SanAntonio-Zambales-udp.ovpn
A    windscribe/SanFrancisco-Sanitation-tcp.ovpn
A    windscribe/SanFrancisco-Sanitation-udp.ovpn
A    windscribe/SanJose-Santana-tcp.ovpn
A    windscribe/SanJose-Santana-udp.ovpn
A    windscribe/SantaClara-Inside-tcp.ovpn
A    windscribe/SantaClara-Inside-udp.ovpn
A    windscribe/Santiago-Cueca-tcp.ovpn
A    windscribe/Santiago-Cueca-udp.ovpn
A    windscribe/SaoPaulo-Mercadao-tcp.ovpn
A    windscribe/SaoPaulo-Mercadao-udp.ovpn
A    windscribe/SaoPaulo-Pinacoteca-tcp.ovpn
A    windscribe/SaoPaulo-Pinacoteca-udp.ovpn
A    windscribe/Sarajevo-Burek-tcp.ovpn
A    windscribe/Sarajevo-Burek-udp.ovpn
A    windscribe/Seattle-Cobain-tcp.ovpn
A    windscribe/Seattle-Cobain-udp.ovpn
A    windscribe/Seattle-Cornell-tcp.ovpn
A    windscribe/Seattle-Cornell-udp.ovpn
A    windscribe/Seattle-Hendrix-tcp.ovpn
A    windscribe/Seattle-Hendrix-udp.ovpn
A    windscribe/Seoul-Bukhansan-tcp.ovpn
A    windscribe/Seoul-Bukhansan-udp.ovpn
A    windscribe/Seoul-Hangang-tcp.ovpn
A    windscribe/Seoul-Hangang-udp.ovpn
A    windscribe/Seoul-Metro-tcp.ovpn
A    windscribe/Seoul-Metro-udp.ovpn
A    windscribe/Siauliai-Talksa-tcp.ovpn
A    windscribe/Siauliai-Talksa-udp.ovpn
A    windscribe/Singapore-Garden-tcp.ovpn
A    windscribe/Singapore-Garden-udp.ovpn
A    windscribe/Singapore-MarinaBay-tcp.ovpn
A    windscribe/Singapore-MarinaBay-udp.ovpn
A    windscribe/Singapore-SMRT-tcp.ovpn
A    windscribe/Singapore-SMRT-udp.ovpn
A    windscribe/Skopje-Vardar-tcp.ovpn
A    windscribe/Skopje-Vardar-udp.ovpn
A    windscribe/Sofia-Nevski-tcp.ovpn
A    windscribe/Sofia-Nevski-udp.ovpn
A    windscribe/Stockholm-Djurgarden-tcp.ovpn
A    windscribe/Stockholm-Djurgarden-udp.ovpn
A    windscribe/Stockholm-Ikea-tcp.ovpn
A    windscribe/Stockholm-Ikea-udp.ovpn
A    windscribe/Stockholm-Syndrome-tcp.ovpn
A    windscribe/Stockholm-Syndrome-udp.ovpn
A    windscribe/Sydney-OperaHouse-tcp.ovpn
A    windscribe/Sydney-OperaHouse-udp.ovpn
A    windscribe/Sydney-Squidney-tcp.ovpn
A    windscribe/Sydney-Squidney-udp.ovpn
A    windscribe/Taipei-Datong-tcp.ovpn
A    windscribe/Taipei-Datong-udp.ovpn
A    windscribe/Tallinn-KiekindeKok-tcp.ovpn
A    windscribe/Tallinn-KiekindeKok-udp.ovpn
A    windscribe/Tallinn-Lennujaam-tcp.ovpn
A    windscribe/Tallinn-Lennujaam-udp.ovpn
A    windscribe/Tampa-CubanSandwich-tcp.ovpn
A    windscribe/Tampa-CubanSandwich-udp.ovpn
A    windscribe/Tirana-Besa-tcp.ovpn
A    windscribe/Tirana-Besa-udp.ovpn
A    windscribe/Tokyo-Bosozoku-tcp.ovpn
A    windscribe/Tokyo-Bosozoku-udp.ovpn
A    windscribe/Tokyo-Drift-tcp.ovpn
A    windscribe/Tokyo-Drift-udp.ovpn
A    windscribe/Tokyo-Kaiju-tcp.ovpn
A    windscribe/Tokyo-Kaiju-udp.ovpn
A    windscribe/Toronto-ComfortZone-tcp.ovpn
A    windscribe/Toronto-ComfortZone-udp.ovpn
A    windscribe/Toronto-Mansbridge-tcp.ovpn
A    windscribe/Toronto-Mansbridge-udp.ovpn
A    windscribe/Toronto-The6-tcp.ovpn
A    windscribe/Toronto-The6-udp.ovpn
A    windscribe/Troll-Station-tcp.ovpn
A    windscribe/Troll-Station-udp.ovpn
A    windscribe/Tunis-Medina-tcp.ovpn
A    windscribe/Tunis-Medina-udp.ovpn
A    windscribe/Vancouver-Granville-tcp.ovpn
A    windscribe/Vancouver-Granville-udp.ovpn
A    windscribe/Vancouver-Stanley-tcp.ovpn
A    windscribe/Vancouver-Stanley-udp.ovpn
A    windscribe/Vancouver-Vansterdam-tcp.ovpn
A    windscribe/Vancouver-Vansterdam-udp.ovpn
A    windscribe/Vienna-Boltzmann-tcp.ovpn
A    windscribe/Vienna-Boltzmann-udp.ovpn
A    windscribe/Vienna-Hofburg-tcp.ovpn
A    windscribe/Vienna-Hofburg-udp.ovpn
A    windscribe/Warsaw-Chopin-tcp.ovpn
A    windscribe/Warsaw-Chopin-udp.ovpn
A    windscribe/Warsaw-Curie-tcp.ovpn
A    windscribe/Warsaw-Curie-udp.ovpn
A    windscribe/Warsaw-Vistula-tcp.ovpn
A    windscribe/Warsaw-Vistula-udp.ovpn
A    windscribe/WashingtonDC-Precedent-tcp.ovpn
A    windscribe/WashingtonDC-Precedent-udp.ovpn
A    windscribe/Zagreb-Tkalciceva-tcp.ovpn
A    windscribe/Zagreb-Tkalciceva-udp.ovpn
A    windscribe/Zurich-Alphorn-tcp.ovpn
A    windscribe/Zurich-Alphorn-udp.ovpn
A    windscribe/Zurich-Altstadt-tcp.ovpn
A    windscribe/Zurich-Altstadt-udp.ovpn
A    windscribe/Zurich-Lindenhof-tcp.ovpn
A    windscribe/Zurich-Lindenhof-udp.ovpn
A    windscribe/default.ovpn
Exported revision 3075.
INFO: Found OpenVPN configuration: "Amsterdam-Canal-udp" for provider "WINDSCRIBE" using it
[cont-init.d] 02-setup-openvpn: exited 0.
[cont-init.d] 03-setup-iptables: executing...
[cont-init.d] 03-setup-iptables: exited 0.
[cont-init.d] done.
[services.d] starting services
Thu Jul 22 16:52:47 2021 OpenVPN 2.4.10 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan  4 2021
Thu Jul 22 16:52:47 2021 library versions: OpenSSL 1.1.1i  8 Dec 2020, LZO 2.10
[services.d] done.
Thu Jul 22 16:52:47 2021 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jul 22 16:52:47 2021 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jul 22 16:52:47 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.212.171.131:1194
Thu Jul 22 16:52:47 2021 UDP link local: (not bound)
Thu Jul 22 16:52:47 2021 UDP link remote: [AF_INET]185.212.171.131:1194
Thu Jul 22 16:52:47 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:52:47 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:52:47 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:52:47 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:52:47 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:52:47 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 22 16:52:52 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.253.96.3:1194
Thu Jul 22 16:52:52 2021 UDP link local: (not bound)
Thu Jul 22 16:52:52 2021 UDP link remote: [AF_INET]185.253.96.3:1194
Thu Jul 22 16:52:52 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:52:52 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:52:52 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:52:52 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:52:52 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:52:52 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 22 16:52:57 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.156.172.163:1194
Thu Jul 22 16:52:57 2021 UDP link local: (not bound)
Thu Jul 22 16:52:57 2021 UDP link remote: [AF_INET]185.156.172.163:1194
Thu Jul 22 16:52:57 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:52:57 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:52:57 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:52:57 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:52:57 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:52:57 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 22 16:53:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.253.96.3:1194
Thu Jul 22 16:53:02 2021 UDP link local: (not bound)
Thu Jul 22 16:53:02 2021 UDP link remote: [AF_INET]185.253.96.3:1194
Thu Jul 22 16:53:02 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:53:02 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:53:02 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:53:02 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:53:02 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:53:02 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 22 16:53:07 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.156.172.163:1194
Thu Jul 22 16:53:07 2021 UDP link local: (not bound)
Thu Jul 22 16:53:07 2021 UDP link remote: [AF_INET]185.156.172.163:1194
Thu Jul 22 16:53:07 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:53:07 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:53:07 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:53:07 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:53:07 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:53:07 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 22 16:53:12 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]185.212.171.131:1194
Thu Jul 22 16:53:12 2021 UDP link local: (not bound)
Thu Jul 22 16:53:12 2021 UDP link remote: [AF_INET]185.212.171.131:1194
Thu Jul 22 16:53:12 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1
Thu Jul 22 16:53:12 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Thu Jul 22 16:53:12 2021 TLS_ERROR: BIO read tls_read_plaintext error
Thu Jul 22 16:53:12 2021 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 22 16:53:12 2021 TLS Error: TLS handshake failed
Thu Jul 22 16:53:12 2021 SIGUSR1[soft,tls-error] received, process restarting

docker-compose.yml

version: "3.3"
services:
  alpine-qbittorrent-openvpn:
    volumes:
      - "/mnt/storage/Movies:/downloads/movies"
      - "/mnt/storage/Shows:/downloads/shows"
      - "/mnt/storage/Stash:/downloads/stash"
      - "/mnt/storage/ISOs:/downloads/isos"
      - "/mnt/storage/Appdata/qbittorrentvpn:/config"
      - "/etc/localtime:/etc/localtime:ro"
    environment:
      - OPENVPN_PROVIDER=WINDSCRIBE
      - OPENVPN_CONFIG=Amsterdam-Canal-udp
      - OPENVPN_USERNAME=secret
      - OPENVPN_PASSWORD=secret
      - PUID=1000
      - PGID=1000
      - autoheal=true
      - LAN=192.168.178.0/24
    ports:
      - "8080:8080"
    cap_add:
      - NET_ADMIN
    image: guillaumedsde/alpine-qbittorrent-openvpn:python
    dns:
      - 1.1.1.1
      - 1.0.0.1

Edit: fixed the formatting

WormChickenWizard commented 3 years ago

Same issue with me. Fresh install of the image.

Thanks for duplicating it on your end. At least it wasn't something I did

Edit: no clue why the formatting looks so weird

I usually use three backticks, enter down twice, three more backticks, and paste on the empty line between the backticks.

sylvesterroos commented 3 years ago

I used one instead of three, that explains it 😄

Nmasood commented 3 years ago

I ran into this issue as well. I believe it's due to the compression phase out described on Windscribe's OVPN page

OpenVPN compression phaseout is in progress and will be completed by August 3rd 2021. If you downloaded configs from this page before you saw this message, you need to re-download them now, or simply remove the compress or comp-lzo flags from the config that you downloaded after July 20th 2021.

to get around this I stopped and removed the container

 docker-compose -f {path_to_yaml_file} stop
 docker-compose -f {path_to_yaml_file} rm -f

commented out all OVPN_ lines in the yaml file and placed my OVPN file downloaded from Windscribe into the config folder with config.ovpn as the name and brought up the container

 docker-compose -f {path_to_yaml_file} pull
 docker-compose -f {path_to_yaml_file} up --build -d

OVPN will fail as it overwrote my auth file with a blank file but it will continue to try. Once I input the credentials from that Windscribe page into the openvpn-credentials.txt it started working.

I'm not 100% sure but I do believe the container needs the LZO compression bits removed for normal user/pass auth functionality to return

WormChickenWizard commented 3 years ago

Looks like someone already has a pull request open to remedy this https://github.com/haugene/docker-transmission-openvpn/pull/1887

sylvesterroos commented 3 years ago

That was quick. Let's hope that it finds it way to the docker image soon.

WormChickenWizard commented 3 years ago

There's a separate pull that's already been merged into their dev branch and waiting to be merged in main. https://github.com/haugene/vpn-configs-contrib/pull/21

WormChickenWizard commented 3 years ago

Looks like I misinterpreted the documentation. The fix has already been merged into the https://github.com/haugene/docker-transmission-openvpn/ repository, which is the repo this one was originally forked from. I was under the assumption that once the configs over there were merged, a ci pipeline would merge it into this repo automatically. I looked through the files to see if there were any ovpn configs and I didn't see any so it looks like either I'm wrong and there's no ci pipeline, the ci pipeline is broken, or there's something else I'm missing.

EDIT: So literally nothing is wrong with the ci pipeline. The container is able to read the configs from the original transmission repo correctly. It seems to be an issue with the ovpn client being out of date. I tried manually setting the Windscribe ovpn file by downloading it from the other repo and configuring the container for a custom provider. Same TLS error occurred.

rancod99 commented 3 years ago

Experiencing the same issue. Any proven work around?

Using Portainer, and finding difficult to implement Nmasood's tweak. Thanks.

WormChickenWizard commented 3 years ago

Experiencing the same issue. Any proven work around?

I looked at the dev branch and the last commit was roughly a month ago versus last January in the main branch. I haven't tried this but you might switch over to the dev branch and see if its now working. Only other thing you might try is updating openvpn manually in the container.

rancod99 commented 3 years ago

Experiencing the same issue. Any proven work around?

I looked at the dev branch and the last commit was roughly a month ago versus last January in the main branch. I haven't tried this but you might switch over to the dev branch and see if its now working. Only other thing you might try is updating openvpn manually in the container.

Happen to have the link for the DEV branch? Could not locate it myself. Thanks.

WormChickenWizard commented 3 years ago

Happen to have the link for the DEV branch? Could not locate it myself. Thanks.

You'd need to run docker pull guillaumedsde/alpine-qbittorrent-openvpn:development to get the container All details for the various branches should be here: https://hub.docker.com/r/guillaumedsde/alpine-qbittorrent-openvpn/tags

WormChickenWizard commented 3 years ago

So a weird thing just occurred. I just got done setting up https://github.com/haugene/docker-transmission-openvpn/ and its throwing the exact same TLS error

WormChickenWizard commented 3 years ago

I just got qbittorrent working with windscribe by using a custom provider. The second pr that I mentioned in this thread was windscribe related and updated the .ovpn profiles, but had nothing to do with the TLS error. The first pr that I mentioned in this thread would've actually fixed the issue, but got closed. The reason being is because the transmission team is moving all the .ovpn profiles into a separate repository and have yet to change their code to point to the profile specific repo. Thats why I couldn't get transmission to work earlier. So in order to get it working for the time being, download the .ovpn profile from the transmission profile repo located here: https://github.com/haugene/vpn-configs-contrib/tree/main/openvpn/windscribe , map it to /etc/openvpn/custom/default.ovpn, and set OPENVPN_PROVIDER=CUSTOM and it should work.

rancod99 commented 3 years ago

I just got qbittorrent working with windscribe by using a custom provider. The second pr that I mentioned in this thread was windscribe related and updated the .ovpn profiles, but had nothing to do with the TLS error. The first pr that I mentioned in this thread would've actually fixed the issue, but got closed. The reason being is because the transmission team is moving all the .ovpn profiles into a separate repository and have yet to change their code to point to the profile specific repo. Thats why I couldn't get transmission to work earlier. So in order to get it working for the time being, download the .ovpn profile from the transmission profile repo located here: https://github.com/haugene/vpn-configs-contrib/tree/main/openvpn/windscribe , map it to /etc/openvpn/custom/default.ovpn, and set OPENVPN_PROVIDER=CUSTOM and it should work.

@WormChickenWizard that solution worked, spot on. Much appreciated.

For anyone in my shoes, this is what the start of the docker-compose looks like, after grabbing the desired .ovpn config from here :

version: "3" services: alpine-qbittorrent-openvpn: volumes: