Closed lucasapereira closed 4 years ago
I have the same problem with the stable version: ERROR: SSL_connect: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small You might want to try --insecure-ssl or specify a different --cipher-list
Please checkout here: https://hadler.me/2020/04/openfortigui-ubuntu2004-status/
@theinvisible - Is the above URL correct ? I'm getting:
Ah - it's just Safari that is unhappy with the cert. Got there via another browser. Thank you
Update: Works beautifully with your preview build openfortigui_99.9.1057-1_amd64_focal.deb :-)
Latests packages did not work for me. But I have tested openfortivpn commandline and I have found a workaround; set --cipher-list 'DEFAULT:!DH'
Latest build from homepage works. To detect ubuntu version, make lsb-release a dep:
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04 LTS
Release: 20.04
Codename: focal
This seems also to be more like a generic problem when new openssl versions and older fortigate firmwares are used and unsecure ciphers are disabled. Please check you have a current firmware installed on your fortigate.
DEBUG: Setting min proto version to: 0x301 ERROR: SSL_connect: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small You might want to try --insecure-ssl or specify a different --cipher-list