Is there a way to encrypt the exchange of certificates ?

Scripts to manage certificates or generate config files

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
evilroach
OpenVpn Newbie
Posts: 19
Joined: Sat Oct 10, 2015 8:56 pm

Is there a way to encrypt the exchange of certificates ?

Post by evilroach » Sun Oct 11, 2015 11:13 am

Hi,guys!

Because the GFW(Great Firewall) of the goverment of China interferes the process of certificates exchange,
the OpenVPN's authentication always fails.
A probable reason is that the GFW is listening into the process of negotiation, and send a TCP_RESET to client or server once it has recognized some sort of certificates in the traffic, especially most of certificates has a Common Name as "Open VPN Technology...".
In the UDP protocol mode, it also can cut off the traffic in same case.

If we can exchange certificates in some encrypted manner (with a pre-shared static key ?), instead of using plain text, can we encounter this interfere ? Of course, we must distrub the pre-shared key in another secure channel.

Sorry for my lame incondite English, I'm a Chinese.
Thanks a lot.

Post Reply