Can't connect to VPN after upgrading to Ubuntu 22.04

openvpn 22.04
6,360

I've just hit the same issue using IP-Vanish after having done a clean install of 22.04 after using 20.04 successfully for a long time.

I have tried both solutions, putting the lines in the top of the /etc/ssl/openssl.cnf file (copy/pasted to make sure there were no typos), and also adding the additional tls-cipher (and even replacing it) in the .ovpn file, but neither is allowing me to connect.

I've contacted IP-Vanish directly and included the information provided here.

I'd be grateful if anyone manages to solve this issue, and if IP-Vanish come back to me with a reply, I'll post it up.

UPDATE WITH SOLUTION:

IP-Vanish have returned with a temporary solution until they can update their certificates.

1: Add the VPN connection as normal using the Network Manager GUI

2: Edit the connection file in /etc/NetworkManager/system-connections/(connectionname).nmconnection where (connectionname) is the name of your VPN conection

3: In the [vpn] section, beneath the line that starts ca=, add a new line reading

tls-cipher=DEFAULT:@SECLEVEL=[0-5]

See here for security level information, and to gather which security level you should be using. For most, security level 0 will be adequate.

4: Save the file

5: Enter the command systemctl restart NetworkManager

6: Start the VPN connection as normal and it should connect (mine did anyway and I verified it by checking my IP and location)

Share:
6,360
GhitaB
Author by

GhitaB

keep calm and conquer the world

Updated on January 04, 2023

Comments

  • GhitaB
    GhitaB over 1 year 
    2022-05-10 17:07:15 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak:

2022-05-10 17:07:15 OpenSSL: error:0A000086:SSL routines::certificate verify failed

    I use openvpn (with 3 configuration files: .ovpn, .p12, .key, from my terminal: sudo openvpn with these parameters: --config --pkcs12 --tls-auth).

    Everything was working before upgrading to latest Ubuntu version. Then no connection possible and a lot of errors like that in the quote.

    I requested a new certificate from our sysadmins, and the problem remains. It was not a problem of expired certificate.

    I see this seems to be related to OpenSSL 3.0. And other people have the same issue.

    Our sysadmin said I should solve it on my computer for the moment. They will solve it on the server later.

    I already tried this: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1960268/comments/32 but no change.

    Can you help me to solve it, please? I am blocked in my work by this issue for 2 days already. Thank you. (Note I am really bad when I need to set/configure things... :) )

  • Admin
    Admin almost 2 years
    This solution also worked (partially) for me, having a similar issue to connect to a customer's VPN server. But I also needed to add this: cipher=BF-CBC
  • Admin
    Admin almost 2 years
    @colin I think it should be /etc/NetworkManager/system-connections/(connectionname).nmco‌​nnection
  • Admin
    Admin almost 2 years
    Also want to add, this will disable the security you normally get with a VPN.
  • Admin
    Admin almost 2 years
    @Noah Thanks for spotting that, I have updated my answer. Also thanks for the warning, I will reinstall Ubuntu 20.04 now so that I can carry on without needing to alter these files until IP-Vanish can release an update.
  • Admin
    Admin almost 2 years
    @Colin might be worth updating your answer with a warning about the security.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg)
Screen Share Not working in Ubuntu 22.04 (In all platforms zoom, teams, google meet, anydesk , etc.,)
SGX disabled by BIOS in Ubuntu 22.04
AnyDesk doesn’t work after upgrading to Ubuntu 22.04 LTS
How do you install qt on ubuntu22.04
wifi issues in ubuntu 22.04LTS
How do I use OpenSSL 1.1.1 in Ubuntu 22.04?
"Although GNOME Shell integration extension is running, native host connector is not detected" error in 22.04
MongoDB Install Fails on Ubuntu 22.04 - Depends on libssl1.1 but it is not installable
22.04 LTS "sudo do-release-upgrade" does not work