Mikrotik-OVPN server vs iOS client, Please HELP!

Post Reply
J
OpenVpn Newbie
Posts: 1
Joined: Thu Jul 20, 2017 1:37 pm

Mikrotik-OVPN server vs iOS client, Please HELP!

Post by J » Thu Jul 20, 2017 2:16 pm

Dear All!

Please help with configuration openVPN on Mikrotik+iOS

I follow this instruction
http://techiezone.rottigni.net/2016/09/ ... nt-page-1/
and got everything worked on my Mac+TunnelBlick

For first, on iOS, i have following problem:
2017-07-17 16:47:38 ----- OpenVPN Start -----
OpenVPN core 3.1.2 ios arm64 64-bit built on Dec 5 2016 12:50:25
2017-07-17 16:47:38 Frame=512/2048/512 mssfix-ctrl=1250
2017-07-17 16:47:38 EVENT: CORE_ERROR PolarSSL: error parsing config private key : PKCS5 - Requested encryption or digest alg not available [ERR]
2017-07-17 16:47:38 Raw stats on disconnect:
2017-07-17 16:47:38 Performance stats on disconnect:
CPU usage (microseconds): 7069
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
2017-07-17 16:47:38 EVENT: DISCONNECT_PENDING
2017-07-17 16:47:38 ----- OpenVPN Stop -----


To use .key file on ios, i convert them by commands:

From a shell, to decrypt the key (remove the passphrase):
openssl rsa -in [key-encrypted-old].key -out [key-unencrypted].key

To re-encrypt the key w. T-DES:
openssl rsa -in [key-unencrypted].key -des3 -out [key-encrypted-new].key

And it was solved.

And now i get next error.

2017-07-17 17:47:42 VERIFY OK: depth=0
cert. version : 3
serial number : 09:07:E5:64:03:9B:66:EA
issuer name : CN=RoarinCA
subject name : CN=RoarinCA
issued on : 2017-07-17 06:13:33
expires on : 2018-07-17 06:13:33
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign

2017-07-17 17:47:42 Client exception in transport_recv_excode: PolarSSL: SSL read error : SSL - Processing of the Certificate handshake message failed
2017-07-17 17:47:42 Client terminated, restarting in 2000 ms...
2017-07-17 17:47:44 EVENT: RECONNECTING
2017-07-17 17:47:44 EVENT: RESOLVE
2017-07-17 17:47:44 Contacting 85.95.153.209:1194 via TCP
2017-07-17 17:47:44 EVENT: WAIT
2017-07-17 17:47:44 SetTunnelSocket returned 1
2017-07-17 17:47:44 Connecting to [85.95.153.209]:1194 (85.95.153.209) via TCPv4
2017-07-17 17:47:44 EVENT: CONNECTING
2017-07-17 17:47:45 Tunnel Options:V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
2017-07-17 17:47:45 Creds: Username/Password
2017-07-17 17:47:45 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2

I can send my .ovpn file

Pleasssseeee HELP

Best Regards,
Sergey L. Mityurev

roger.hermes
OpenVpn Newbie
Posts: 1
Joined: Fri Jul 28, 2017 8:51 pm

Re: Mikrotik-OVPN server vs iOS client, Please HELP!

Post by roger.hermes » Mon Jul 31, 2017 10:50 am

i'm getting exactly the same error...
if i use the client certificate and enable the option askpass on ovpn file, then i get the error

"PolarSSL: error parsing config private key : PKCS5 - Requested encryption or digest alg not available [ERR]"

But if i Disable the option AskPass and remove the client cert, i get this another error:

"Client exception in transport_recv_excode: PolarSSL: SSL read error : SSL - Processing of the Certificate handshake message failed"

Please heellp!

Post Reply