search

schwabe / ics-openvpn

OpenVPN for Android
3.36k stars 1.2k forks source link

TLS_ERROR: BIO read tls_read_plaintext error #1504

Closed someoneIG closed 2 years ago

someoneIG commented 2 years ago

General information

  1. Android Version: 11
  2. Device: Xiaomi Redmi Note 8Pro
  3. Version of the app: 0.7.37

Description of the issue

Couldn't connect to some servers, but I can connect to that server with official OpenVPN app

and I can connect with this app to another config file similar to this one that I can't connect to.

Log (if applicable)

23:22 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=US, ST=VPN, L=VPN, O=VPN, OU=VPN, CN=vpn, name=VPN, serial=1
23:22 OpenSSL: error:0A000086:SSL routines::certificate verify failed
23:22 TLS_ERROR: BIO read tls_read_plaintext error
23:22 TLS Error: TLS object -> incoming plaintext read error
23:22 TLS Error: TLS handshake failed

Configuration file

dev tun
proto udp
remote bhx-c01.vpn.wlvpn.com 1194
remote bhx-c02.vpn.wlvpn.com 1194
remote bhx-c06.vpn.wlvpn.com 1194
remote bhx-c07.vpn.wlvpn.com 1194
remote bhx-c08.vpn.wlvpn.com 1194
remote bhx-c09.vpn.wlvpn.com 1194
remote bhx-c10.vpn.wlvpn.com 1194
remote bhx-c11.vpn.wlvpn.com 1194
remote bhx-c12.vpn.wlvpn.com 1194
remote bhx-c13.vpn.wlvpn.com 1194
remote bhx-c05.vpn.wlvpn.com 1194
remote bhx-c14.vpn.wlvpn.com 1194
remote bhx-c04.vpn.wlvpn.com 1194
remote bhx-c03.vpn.wlvpn.com 1194
remote-random
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
<ca>
-----BEGIN CERTIFICATE-----
MIIESDCCAzCgAwIBAgIJAKSqvk2CSdJGMA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNV
BAYTAlVTMQwwCgYDVQQIEwNWUE4xDDAKBgNVBAcTA1ZQTjEMMAoGA1UEChMDVlBO
MQwwCgYDVQQLEwNWUE4xDDAKBgNVBAMTA1ZQTjEMMAoGA1UEKRMDVlBOMRIwEAYJ
KoZIhvcNAQkBFgNWUE4wHhcNMTMwNDI1MDIzMjQ3WhcNMjMwNDI3MDIzMjQ3WjB1
MQswCQYDVQQGEwJVUzEMMAoGA1UECBMDVlBOMQwwCgYDVQQHEwNWUE4xDDAKBgNV
BAoTA1ZQTjEMMAoGA1UECxMDVlBOMQwwCgYDVQQDEwNWUE4xDDAKBgNVBCkTA1ZQ
TjESMBAGCSqGSIb3DQEJARYDVlBOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUr2BAz2gHGaXri6rWMpKqcvVTX3IOSLEfBWf1fb2zCwx0+GFMG258Yk
OCiQho/YOX58bJpssGI42OzZitSisTVpXNIBelzGUPdKgx0qURGgDW+7eOySJYCn
1EUncElJCHt1so0SbfdQpxA88VZMH9fFOKtLY5qHHi0drXm/wZy+zW7TfV5Lce04
6vv2M9I5/Ko4zZ5Vh6jTo2VrCQRw8goXB5NAdU5D76lVhWK4Zzt4woI8nRW5Ev3A
WEw5oX85j5B0TY9nEi5j0vNYBuMxf/GiLO8M8LCHPX0HYBiLDjZesJCvuG3vfwnA
Y5CJQqNjufpmnF3ivsaF0dGeo54kWQIDAQABo4HaMIHXMB0GA1UdDgQWBBQXnwHk
vpHSf/lMacKoKshAcGM2qTCBpwYDVR0jBIGfMIGcgBQXnwHkvpHSf/lMacKoKshA
cGM2qaF5pHcwdTELMAkGA1UEBhMCVVMxDDAKBgNVBAgTA1ZQTjEMMAoGA1UEBxMD
VlBOMQwwCgYDVQQKEwNWUE4xDDAKBgNVBAsTA1ZQTjEMMAoGA1UEAxMDVlBOMQww
CgYDVQQpEwNWUE4xEjAQBgkqhkiG9w0BCQEWA1ZQToIJAKSqvk2CSdJGMAwGA1Ud
EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADAbNIIHF5vtCA+69/oipQ6niZit
Q+mnCNX5bxiF4xtw9qOQ90vLDc/ocbAGGP4Sub3hEkOoQlv9DHH56HVq1g9+L/Y7
RoneRykZ+GSPj2NlkobrPA7ZxAsLdFwM9Y+Fkql7cAHHLUCKh7H1IKidhTDHPCUj
hs4ZstNRckPd6wxlGGOP/Yf5sVse3pJwa0HyMYhI8pdTVJIHnFSy9vTPjVf3oWiz
Trci0+SkYKQE//5pE5wsYe0uB5wvQJslq/eEWfczg0l9biwJxG/qwxsVBkRgw5q6
defHWGj1eucVyy9fxKMcX89gjstQZDmsINNtG1C78/+nYS65rqaBaq+rqpA=
-----END CERTIFICATE-----
</ca>
tls-client
remote-cert-tls server
auth-user-pass
compress lzo
verb 3
auth SHA256
cipher AES-256-CBC