haugene / vpn-configs-contrib

A collection of configs for various VPN providers
GNU General Public License v3.0

Latest version SlickVPN no longer connecting #196

Closed SupaYoshi closed 1 year ago

SupaYoshi commented 1 year ago

Is there a pinned issue for this?

Is there an existing or similar issue/discussion for this?

Is there any comment in the documentation for this?

Is this related to a provider?

Are you using the latest release?

Have you tried using the dev branch latest?

Docker run config used

transmission:
  image: haugene/transmission-openvpn
  container_name: transmission
  cap_add:

Current Behavior

Container crashes

Expected Behavior

VPN connects, runs everything

How have you tried to solve the problem?

Yes I have had it working on older versions... also with other provider.

Log output

adding route to local network 10.67.41.0/24 via 172.18.0.1 dev eth0
2023-02-24 17:16:44 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2023-02-24 17:16:44 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2023-02-24 17:16:44 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2023-02-24 17:16:44 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-02-24 17:16:44 TCP/UDP: Preserving recently used remote address: [AF_INET]139.162.159.184:443
2023-02-24 17:16:44 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-02-24 17:16:44 UDP link local: (not bound)
2023-02-24 17:16:44 UDP link remote: [AF_INET]139.162.159.184:443
2023-02-24 17:16:44 TLS: Initial packet from [AF_INET]139.162.159.184:443, sid=b4854566 85cef3db
2023-02-24 17:16:44 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=US, ST=VPN, L=VPN, O=VPN, OU=VPN, CN=VPN, name=VPN, emailAddress=VPN, serial=1
2023-02-24 17:16:44 OpenSSL: error:0A000086:SSL routines::certificate verify failed
2023-02-24 17:16:44 TLS_ERROR: BIO read tls_read_plaintext error
2023-02-24 17:16:44 TLS Error: TLS object -> incoming plaintext read error
2023-02-24 17:16:44 TLS Error: TLS handshake failed
2023-02-24 17:16:44 SIGTERM[soft,tls-error] received, process exiting
Starting container with revision: b33d0fe4c938259a0d4eb844e55468f387456121
Creating TUN device /dev/net/tun
Using OpenVPN provider: SLICKVPN
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for SLICKVPN. Defaulting to external config
Downloading configs from https://github.com/haugene/vpn-configs-contrib/archive/main.zip into /tmp/tmp.Aq7Ty8yopE
Extracting configs to /tmp/tmp.TU6MLuoOya
Found configs for SLICKVPN in /tmp/tmp.TU6MLuoOya/vpn-configs-contrib-main/openvpn/slickvpn, will replace current content in /etc/openvpn/slickvpn
Cleanup: deleting /tmp/tmp.Aq7Ty8yopE and /tmp/tmp.TU6MLuoOya
Starting OpenVPN using config Germany-Frankfurt.ovpn
Modifying /etc/openvpn/slickvpn/Germany-Frankfurt.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Modification: Updating status for config failure detection
Setting OpenVPN credentials...
adding route to local network 10.67.41.0/24 via 172.18.0.1 dev eth0
2023-02-24 17:16:47 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2023-02-24 17:16:47 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2023-02-24 17:16:47 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2023-02-24 17:16:47 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-02-24 17:16:47 TCP/UDP: Preserving recently used remote address: [AF_INET]139.162.159.184:443
2023-02-24 17:16:47 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-02-24 17:16:47 UDP link local: (not bound)
2023-02-24 17:16:47 UDP link remote: [AF_INET]139.162.159.184:443
2023-02-24 17:16:47 TLS: Initial packet from [AF_INET]139.162.159.184:443, sid=c4147b76 8dadcf30
2023-02-24 17:16:47 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=US, ST=VPN, L=VPN, O=VPN, OU=VPN, CN=VPN, name=VPN, emailAddress=VPN, serial=1
2023-02-24 17:16:47 OpenSSL: error:0A000086:SSL routines::certificate verify failed
2023-02-24 17:16:47 TLS_ERROR: BIO read tls_read_plaintext error
2023-02-24 17:16:47 TLS Error: TLS object -> incoming plaintext read error
2023-02-24 17:16:47 TLS Error: TLS handshake failed
2023-02-24 17:16:47 SIGTERM[soft,tls-error] received, process exiting
Starting container with revision: b33d0fe4c938259a0d4eb844e55468f387456121
root@download-server:/opt/dockerdata# cd

HW/SW Environment

- OS: Debian 11
- Docker: Docker version 20.10.17, build 100c701

Anything else?

Please tell me what to do to fix this.

edgd1er commented 1 year ago

Ask your vpn provider to update its cipher suite and provide new config file

2023-02-24 17:16:47 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=US, ST=VPN, L=VPN, O=VPN, OU=VPN, CN=VPN, name=VPN, emailAddress=VPN, serial=1

SupaYoshi commented 1 year ago

Where do I place the new config file?

pkishino commented 1 year ago

Duplicate plus this IS provider related, so wrong repo.

PalasX commented 1 year ago

Until SLICKVPN gets their stuff sorted, this worked for me: Export and bind openssl.cnf in your docker compose file, and edit SECLEVEL to 0. Alternatively, you can try to get this command run on your container while it's loading up:

docker exec -i -t CONTAINERNAMEORNUMBER sed -i 's/SECLEVEL=2/SECLEVEL=0/g' /etc/ssl/openssl.cnf

I also added this to my three chosen config files, just to be safe:

cipher

cipher AES-256-CBC
tls-cipher DEFAULT:@SECLEVEL=0
data-ciphers-fallback AES-256-CBC

Finally, you posted your username and password in clear text. Not that we wouldn't all mind a free VPN, but you should probably change that. Soon.
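
Added example, not part of the thread or the project's code: a small audit that pulls the certificate verify failure out of an OpenVPN log and lists every active setting that lowers OpenSSL's SECLEVEL below 2, so the workaround above can be tracked and reverted once the provider issues a stronger certificate. The function names and the sample file contents are constructed for illustration; the log line and the three directives are the ones quoted in the thread.

```python
import re

BASELINE = 2  # level that the thread's sed command replaces in /etc/ssl/openssl.cnf
SECLEVEL = re.compile(r"@SECLEVEL=(\d)")
VERIFY = re.compile(r"VERIFY ERROR: depth=(\d+), error=([^:]+): (.*)$")

def seclevel_downgrades(name, text, baseline=BASELINE):
    """Return (file, line number, directive, level) for active settings below baseline."""
    hits = []
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks and comments (OpenVPN: '#' or ';', openssl.cnf: '#').
        if not line or line[0] in "#;":
            continue
        m = SECLEVEL.search(line)
        if m and int(m.group(1)) < baseline:
            directive = re.split(r"[\s=]", line, maxsplit=1)[0]
            hits.append((name, num, directive, int(m.group(1))))
    return hits

def verify_errors(log):
    """Return (depth, reason, subject) for each OpenVPN VERIFY ERROR line."""
    found = (VERIFY.search(line) for line in log.splitlines())
    return [(int(m.group(1)), m.group(2), m.group(3)) for m in found if m]

# Constructed samples: the directives and the log line quoted in the thread.
OVPN_SAMPLE = """\
# Germany-Frankfurt.ovpn (excerpt)
cipher AES-256-CBC
tls-cipher DEFAULT:@SECLEVEL=0
data-ciphers-fallback AES-256-CBC
"""
CNF_SAMPLE = """\
[system_default_sect]
# CipherString = DEFAULT:@SECLEVEL=2
CipherString = DEFAULT:@SECLEVEL=0
"""
LOG_SAMPLE = (
    "2023-02-24 17:16:47 VERIFY ERROR: depth=0, error=CA signature digest "
    "algorithm too weak: C=US, ST=VPN, L=VPN, O=VPN, OU=VPN, CN=VPN, "
    "name=VPN, emailAddress=VPN, serial=1"
)

if __name__ == "__main__":
    for depth, reason, subject in verify_errors(LOG_SAMPLE):
        print(f"verify failure at depth {depth}: {reason} ({subject})")
    for source, sample in (("Germany-Frankfurt.ovpn", OVPN_SAMPLE),
                           ("/etc/ssl/openssl.cnf", CNF_SAMPLE)):
        for name, num, directive, level in seclevel_downgrades(source, sample):
            print(f"{name}:{num}: {directive} lowers SECLEVEL to {level}")
```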