When trying to establish connection to IPvanish service using OpenVpn 2.3.1, freeBSD 9.1 port, I kept getting:
Code: Select all
Fri May 31 14:15:30 2013 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
14:15:30 2013 No valid translation found for TLS cipher 'DHE-DSS-AES256-SHA:AES256-SHA'
14:15:30 2013 Failed to set restricted TLS cipher list, too long (>zu). (OpenSSL)
14:15:30 2013 Exiting due to fatal error
openvpn.conf:
Code: Select all
client
dev tun
proto tcp
remote sto-b01.ipvanish.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.ipvanish.com.crt
tls-remote sto-b01.ipvanish.com
auth-user-pass
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA
script-security 2
Code: Select all
ssl_openssl.c:l221:
end_of_cipher = strcspn(&ciphers[begin_of_cipher], ":");
Code: Select all
end_of_cipher = begin_of_cipher + strcspn(&ciphers[begin_of_cipher], ":");