[X] I have checked that the provider are the latest
Have you tested the provider files?
[X] I have tested the provider files
Can you create a PR for this config?
[ ] I can create a PR for this
Provider details
Anonine certificate check fails. Maybe the config files needs updating?
Thanks!
Anything else?
Log file:
Starting container with revision: 07f5a2b9aea5028c9bb75438c1552708e91dde71
TRANSMISSION_HOME is currently set to: /config/transmission-home
Creating TUN device /dev/net/tun
Using OpenVPN provider: ANONINE
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for ANONINE. Defaulting to external config
Will get configs from https://github.com/haugene/vpn-configs-contrib.git
Repository is already cloned, checking for update
Already up to date.
Already on 'main'
Your branch is up to date with 'origin/main'.
Found configs for ANONINE in /config/vpn-configs-contrib/openvpn/anonine, will replace current content in /etc/openvpn/anonine
Starting OpenVPN using config Sweden-Stockholm.ovpn
Modifying /etc/openvpn/anonine/Sweden-Stockholm.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Modification: Updating status for config failure detection
Setting OpenVPN credentials...
adding route to local network 10.0.0.0/16 via 172.26.0.1 dev eth0
2024-07-29 09:26:23 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-29 09:26:23 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-07-29 09:26:23 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
2024-07-29 09:26:23 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2024-07-29 09:26:23 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-07-29 09:26:23 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 TCP/UDP: Preserving recently used remote address: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 Socket Buffers: R=[131072->131072] S=[16384->16384]
2024-07-29 09:26:23 Attempting to establish TCP connection with [AF_INET]185.5.46.97:1195 [nonblock]
2024-07-29 09:26:23 TCP connection established with [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TCP_CLIENT link local: (not bound)
2024-07-29 09:26:23 TCP_CLIENT link remote: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TLS: Initial packet from [AF_INET]185.5.46.97:1195, sid=a1be04c2 231985e6
2024-07-29 09:26:23 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=GB, ST=LN, L=London, O=vpnsvc, OU=vpnsvc, CN=vpnsvc, name=vpnsvc, emailAddress=noc@vpnsvc.com, serial=1
2024-07-29 09:26:23 OpenSSL: error:0A000086:SSL routines::certificate verify failed
2024-07-29 09:26:23 TLS_ERROR: BIO read tls_read_plaintext error
2024-07-29 09:26:23 TLS Error: TLS object -> incoming plaintext read error
2024-07-29 09:26:23 TLS Error: TLS handshake failed
2024-07-29 09:26:23 Fatal TLS error (check_tls_errors_co), restarting
2024-07-29 09:26:23 SIGTERM[soft,tls-error] received, process exiting
Do you have the latest provider files?
Have you tested the provider files?
Can you create a PR for this config?
Provider details
Anonine certificate check fails. Maybe the config files needs updating?
Thanks!
Anything else?
Log file:
Starting container with revision: 07f5a2b9aea5028c9bb75438c1552708e91dde71 TRANSMISSION_HOME is currently set to: /config/transmission-home Creating TUN device /dev/net/tun Using OpenVPN provider: ANONINE Running with VPN_CONFIG_SOURCE auto No bundled config script found for ANONINE. Defaulting to external config Will get configs from https://github.com/haugene/vpn-configs-contrib.git Repository is already cloned, checking for update Already up to date. Already on 'main' Your branch is up to date with 'origin/main'. Found configs for ANONINE in /config/vpn-configs-contrib/openvpn/anonine, will replace current content in /etc/openvpn/anonine Starting OpenVPN using config Sweden-Stockholm.ovpn Modifying /etc/openvpn/anonine/Sweden-Stockholm.ovpn for best behaviour in this container Modification: Point auth-user-pass option to the username/password file Modification: Change ca certificate path Modification: Change ping options Modification: Update/set resolv-retry to 15 seconds Modification: Change tls-crypt keyfile path Modification: Set output verbosity to 3 Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop Modification: Updating status for config failure detection Setting OpenVPN credentials... adding route to local network 10.0.0.0/16 via 172.26.0.1 dev eth0 2024-07-29 09:26:23 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set. 2024-07-29 09:26:23 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2024-07-29 09:26:23 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023 2024-07-29 09:26:23 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10 2024-07-29 09:26:23 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2024-07-29 09:26:23 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2024-07-29 09:26:23 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2024-07-29 09:26:23 TCP/UDP: Preserving recently used remote address: [AF_INET]185.5.46.97:1195 2024-07-29 09:26:23 Socket Buffers: R=[131072->131072] S=[16384->16384] 2024-07-29 09:26:23 Attempting to establish TCP connection with [AF_INET]185.5.46.97:1195 [nonblock] 2024-07-29 09:26:23 TCP connection established with [AF_INET]185.5.46.97:1195 2024-07-29 09:26:23 TCP_CLIENT link local: (not bound) 2024-07-29 09:26:23 TCP_CLIENT link remote: [AF_INET]185.5.46.97:1195 2024-07-29 09:26:23 TLS: Initial packet from [AF_INET]185.5.46.97:1195, sid=a1be04c2 231985e6 2024-07-29 09:26:23 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=GB, ST=LN, L=London, O=vpnsvc, OU=vpnsvc, CN=vpnsvc, name=vpnsvc, emailAddress=noc@vpnsvc.com, serial=1 2024-07-29 09:26:23 OpenSSL: error:0A000086:SSL routines::certificate verify failed 2024-07-29 09:26:23 TLS_ERROR: BIO read tls_read_plaintext error 2024-07-29 09:26:23 TLS Error: TLS object -> incoming plaintext read error 2024-07-29 09:26:23 TLS Error: TLS handshake failed 2024-07-29 09:26:23 Fatal TLS error (check_tls_errors_co), restarting 2024-07-29 09:26:23 SIGTERM[soft,tls-error] received, process exiting