search

vpnhood / VpnHood

Undetectable Fast Portable VPN
GNU Lesser General Public License v2.1
969 stars 146 forks source link

TLS error #491

Closed SalimiHabib closed 5 months ago

SalimiHabib commented 5 months ago

hi

we trying basic step to have an access server , when having asceses key by below code 


    AccessItem? accessItem = _accessManager.AccessItem_Create(1, "test", 0, DateTime.Now.AddHours(1));
    AccessKey = accessItem.Token.ToAccessKey();

it return this error in client side 


Erro 
| 14:03:51.7079 | Session | Disposing...
Exception: VpnHood.Client.Exceptions.ConnectorEstablishException: net_auth_SSPI
 ---> System.Security.Authentication.AuthenticationException: net_auth_SSPI
 ---> Interop+AndroidCrypto+SslException: Exception_WasThrown, Interop+AndroidCrypto+SslException
   Exception_EndOfInnerExceptionStack
   at System.Net.Security.SslStream.<ForceAuthenticationAsync>d__150`1[[System.Net.Security.AsyncReadWriteAdapter, System.Net.Security, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]].MoveNext()
   at VpnHood.Client.ConnectorServices.ConnectorServiceBase.GetTlsConnectionToServer(String streamId, CancellationToken cancellationToken)
   Exception_EndOfInnerExceptionStack
   at VpnHood.Client.ConnectorServices.ConnectorServiceBase.GetTlsConnectionToServer(String streamId, CancellationToken cancellationToken)
   at VpnHood.Client.ConnectorServices.ConnectorService.<SendRequest>d__2`1[[VpnHood.Tunneling.Messaging.HelloResponse, VpnHood.Tunneling, Version=3.3.470.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
   at VpnHood.Client.ConnectorServices.ConnectorService.<SendRequest>d__1`1[[VpnHood.Tunneling.Messaging.HelloResponse, VpnHood.Tunneling, Version=3.3.470.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
   at VpnHood.Client.ConnectorServices.ConnectorService.<SendRequest>d__1`1[[VpnHood.Tunneling.Messaging.HelloResponse, VpnHood.Tunneling, Version=3.3.470.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
   at VpnHood.Client.VpnHoodClient.<SendRequest>d__136`1[[VpnHood.Tunneling.Messaging.HelloResponse, VpnHood.Tunneling, Version=3.3.470.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
   at VpnHood.Client.VpnHoodClient.ConnectInternal(CancellationToken cancellationToken, Boolean redirecting)
   at VpnHood.Client.VpnHoodClient.Connect(CancellationToken cancellationToken)

how we can handle certificate in server and access server ,can it be self-sign thank you

trudyhood commented 5 months ago

It is good to see that you could manage creating a token using the API. The Access Server can handle both self-signed and CA-trusted certificates. I am not sure why you are getting that error. I recommend that you first use the UI to ensure your server is running and then start automating the process using the API.

Ensure that your server certificate has not been changed after creating the token. The VpnHood client connects to self-signed certificates and matches the certificate hash in the token. If the certificate changes after the token is created, it will not work unless it is a CA-trusted certificate. Let me know if the error persists.