error:0A000152:SSL routines::unsafe legacy renegotiation disabled
Posted: Fri Oct 13, 2023 10:14 pm
Hi, I need help with the following issue.
After updating to OpenVPN 3.4.0 (5457) on iOS, "error:0A000152:SSL routines::unsafe legacy renegotiation disabled" occur when trying to connect.
In Settings -> Advanced Options, I have the Insecure (Not Recommended) option selected.
However, this doesn't help, I still can't connect...
Client Logs (## IP, PORT & DOMAIN removed for privacy ##):
Server Logs (## IP & PORT removed for privacy ##):
After updating to OpenVPN 3.4.0 (5457) on iOS, "error:0A000152:SSL routines::unsafe legacy renegotiation disabled" occur when trying to connect.
In Settings -> Advanced Options, I have the Insecure (Not Recommended) option selected.
However, this doesn't help, I still can't connect...
Client Logs (## IP, PORT & DOMAIN removed for privacy ##):
Code: Select all
[Oct 13, 2023, 23:47:09] START CONNECTION
[Oct 13, 2023, 23:47:09] ----- OpenVPN Start -----
OpenVPN core 3.8.2connect1 ios arm64 64-bit
[Oct 13, 2023, 23:47:09] OpenVPN core 3.8.2connect1 ios arm64 64-bit
[Oct 13, 2023, 23:47:09] Frame=512/2112/512 mssfix-ctrl=1250
[Oct 13, 2023, 23:47:09] EVENT: RESOLVE
[Oct 13, 2023, 23:47:09] Contacting <IP:PORT> via UDP
[Oct 13, 2023, 23:47:09] EVENT: WAIT
[Oct 13, 2023, 23:47:09] Connecting to [<DOMAIN>]:<PORT> (<IP>) via UDP
[Oct 13, 2023, 23:47:10] EVENT: CONNECTING
[Oct 13, 2023, 23:47:10] Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
[Oct 13, 2023, 23:47:10] Creds: UsernameEmpty/PasswordEmpty
[Oct 13, 2023, 23:47:10] Sending Peer Info:
IV_VER=3.8.2connect1
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=990
IV_MTU=1600
IV_CIPHERS=AES-128-CBC:AES-192-CBC:AES-256-CBC:DES-CBC:DES-EDE3-CBC:BF-CBC:AES-128-GCM:AES-192-GCM:AES-256-GCM:CHACHA20-POLY1305
IV_LZO=1
IV_AUTO_SESS=1
IV_GUI_VER=net.openvpn.connect.ios_3.4.0-5457
IV_SSO=webauth,openurl,crtext
IV_BS64DL=1
[Oct 13, 2023, 23:47:10] Client exception in transport_recv_excode: OpenSSLContext::SSL::read_cleartext: BIO_read failed, cap=2640 status=-1: error:0A000152:SSL routines::unsafe legacy renegotiation disabled
[Oct 13, 2023, 23:47:10] Client terminated, restarting in 2000 ms...
Code: Select all
Oct 13 23:48:09 openvpn[534]: <IP:PORT> TLS Error: TLS handshake failed
Oct 13 23:48:09 openvpn[534]: <IP:PORT> TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Oct 13 23:47:09 openvpn[534]: <IP:PORT> LZO compression initialized
Oct 13 23:47:09 openvpn[534]: <IP:PORT> Re-using SSL/TLS context