Update Windscribe OVPN - New CA

[QuiGonLeong]

Before creating this request I have:

REQUIRED

• [X] Searched for similar provider requests and container issues
• [X] Read the documentation, especially the provider, custom provider, troubleshooting section and FAQ
• [X] Tried to add as much relevant information to the request as possible
• [X] Agreed that my request will be closed if I do not follow this template and will remain closed until I complete the template

Which provider?

REQUIRED

Windscribe

Where are the configs?

REQUIRED

Providers website

Additional context

Optional

https://blog.windscribe.com/openvpn-security-improvements-and-changes-7b04ea49222

VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=CA, ST=ON, L=Toronto, O=Windscribe Limited, OU=Systems, CN=Windscribe Node CA X2, serial=1

OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed ```
<!-- check *Preview Issue* before submitting -->

[smshr]

is there any workaround for this, till the certificates gets updated in the image?

[catscandrive]

is there any workaround for this, till the certificates get updated in the image?

I manually edited the openvpn config I needed to use. So I ran docker exec -it transmission /bin/bash, edited /etc/openvpn/windscribe/\ and replaced it with the new one from this repository, then ran pkill openvpn. It's 100% a bandaid.

[nibrwr]

Here's a config file from Windscribe, if it helps (renamed to .txt for upload)

Windscribe-Atlanta-Mountain.txt

[smshr]

I manually edited the openvpn config I needed to use. So I ran docker exec -it transmission /bin/bash, edited /etc/openvpn/windscribe/ and replaced it with the new one from this repository, then ran pkill openvpn. It's 100% a bandaid.

maybe that works on docker, but I am in kubernetes and I tried following, it didn't work: kubectl -n apps exec --stdin --tty transmission-67bdbbb85d-9z5hf -- /bin/bash

after pkill openvpn, kubernetes overwrites the changed ovpn file.

[catscandrive]

In theory you could clone the image repo, update the config files manually and build the image yourself. Or, clone the config repo, and mount the locally cloned config repo to /etc/openvpn/windscribe (respecting the folder structure, and also, this might not work with kubernetes?).

[smshr]

In theory you could clone the image repo, update the config files manually and build the image yourself. Or, clone the config repo, and mount the locally cloned config repo to /etc/openvpn/windscribe (respecting the folder structure, and also, this might not work with kubernetes?).

It should work, I think. However, in the meantime I tried CUSTOM configuration and it worked. It is well documented here: https://haugene.github.io/docker-transmission-openvpn/supported-providers/, look towards the end of the page. The only downside is that I am for now restricted to one location, earlier I could provide a list of locations and any one of them will be randomly selected at the time of image startup.

[Fizpop91]

Having the same issue, and I don't think I have the docker knowledge to apply the workaround mentioned above, but ill give it a bash :D

[ochompsky]

commenting here as i need this as well, am watching this thread.

[pkishino]

feel free to provide a PR with the fix, then I can review and merge this

[ochompsky]

feel free to provide a PR with the fix, then I can review and merge this

it looks like it was already merged into https://github.com/haugene/vpn-configs-contrib/pull/21

i'm just not sure how it makes it's way to the docker-transmission-openvpn repo from here.

EDIT: looks like there's already an open PR for it, https://github.com/haugene/docker-transmission-openvpn/pull/1887

[pkishino]

You need to be on the dev branch of the main repo for now to get these updates..

On Tue, Jul 27, 2021 at 12:57 ochompsky @.***> wrote:

feel free to provide a PR with the fix, then I can review and merge this

it looks like it was already merged into #21 https://github.com/haugene/vpn-configs-contrib/pull/21

i'm just not sure how it makes it's way to the docker-transmission-openvpn repo from here.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/haugene/vpn-configs-contrib/issues/23#issuecomment-887187995, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA7OFYVJ4YKVK4FJOO5IOVLTZYVCJANCNFSM5AYRIH3Q .

[pkishino]

I take it this can be closed as new windscribe configs were merged into here ?

[QuiGonLeong]

You need to be on the dev branch of the main repo for now to get these updates..

When will this be merged in the main repo?

[pkishino]

when 4.0 is released..which will release when we have the time.