With OpenVPN connect 3.4.2 I get the following warning, although the connection is working.
"WARN TLS: received certificate signed with SHA1. Please inform your admin to upgrade to a stronger algorithm. Support for SHA1 signatures will be dropped in the future"
Code: Select all
⏎[Jan 17, 2024, 14:49:02] Connecting to [domain.xyz]:446 (37.24.213.50) via TCPv4
⏎[Jan 17, 2024, 14:49:02] EVENT: CONNECTING ⏎[Jan 17, 2024, 14:49:02] Tunnel Options:V4,dev-type tun,link-mtu 1604,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client
⏎[Jan 17, 2024, 14:49:02] Creds: Username/Password
⏎[Jan 17, 2024, 14:49:02] Peer Info:
IV_VER=3.6.7
IV_PLAT=mac
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_IPv6=0
IV_GUI_VER=OCmacOS_3.4.2-4547
IV_SSO=webauth,openurl,crtext
⏎[Jan 17, 2024, 14:49:04] SSL Handshake: peer certificate: CN=domain.xyz, 1024 bit RSA, cipher: DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
⏎[Jan 17, 2024, 14:49:04] Session is ACTIVE
⏎[Jan 17, 2024, 14:49:04] EVENT: WARN TLS: received certificate signed with SHA1. Please inform your admin to upgrade to a stronger algorithm. Support for SHA1 signatures will be dropped in the future⏎[Jan 17, 2024, 14:49:04] EVENT: GET_CONFIG ⏎[Jan 17, 2024, 14:49:04] Sending PUSH_REQUEST to server...
⏎[Jan 17, 2024, 14:49:05] Sending PUSH_REQUEST to server...
⏎[Jan 17, 2024, 14:49:07] Sending PUSH_REQUEST to server...
⏎[Jan 17, 2024, 14:49:07] OPTIONS:
We also tried OpenVPN Connect v2.7.1, this version also failed to connect.
Has OpenVPN Connect >= 3.4.3 removed the support for SHA1 signatures? I can not see anything mentioned in the below changelog.
https://openvpn.net/vpn-server-resource ... hange-log/
I must admit, I do not want to change anything regarding the server certificate, if I do not need to. At this time only one user can not use the VPN. It would be a catastrophe, if no user could use the VPN....