client.openvpn.net Certificate Problem

Post Reply
twilley
OpenVpn Newbie
Posts: 1
Joined: Thu Sep 14, 2017 8:40 pm

client.openvpn.net Certificate Problem

Post by twilley » Thu Sep 14, 2017 9:18 pm

Hello,

I'm noticing that on the login page, a request is made to https://client.openvpn.net:946/detect.p ... =timestamp. However on recent versions of Chrome (58+), this is blocked because the Certificate in use by that server does not have a Subject Alternative Name. See https://productforums.google.com/forum/ ... 19ZxwjaCjw and https://www.chromestatus.com/features/4981025180483584 for some context.

When attempting to browse directly to the URL, Chrome presents the following error message:
Your connection is not private

Attackers might be trying to steal your information from client.openvpn.net (for example, passwords, messages, or credit cards).

NET::ERR_CERT_COMMON_NAME_INVALID

Clicking "Advanced" adds the following message:
This server could not prove that it is client.openvpn.net; its security certificate does not specify Subject Alternative Names. This may be caused by a misconfiguration or an attacker intercepting your connection.

novaflash
OpenVPN Expert
Posts: 434
Joined: Fri Apr 13, 2012 8:43 pm

Re: client.openvpn.net Certificate Problem

Post by novaflash » Fri Sep 15, 2017 7:01 am

It's unfortunately a known problem caused by browsers changing the way certificates are accepted. It's being worked by basically changing everything about how the communication between client and server works. In the meantime, just use the tray icon to make a connection.

Post Reply