Update Centos 6.x to 6.9 and fail connect to Openvpn!

This week update to last vesion of centos 6.9 and find Openvpn do not work.

Error: ERROR: depth=0, error=certificate signature failure:
OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned

RHEL 6.9 / Centos 6.9 remove Deprecated Insecure Algorithms and Protocols link.

More info: CentOS 6.9 Release Notes

Solution 1:  Remove old keys from your Openvpn server and create new key.
Solution 2: Add exception for keys you have now but don’t forget to change keys in soon as posible.

Exception:

echo -e “LegacySigningMDs md2 md5\nMinimumDHBits 512\n” >> /etc/pki/tls/legacy-settings
service openvpn restart

Enjoy for today !

4 thoughts on “Update Centos 6.x to 6.9 and fail connect to Openvpn!”

    1. I have the same problem.
      Sat Dec 16 22:00:10 2017 177.149.65.35:64758 OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
      Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS_ERROR: BIO read tls_read_plaintext error
      Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS Error: TLS object -> incoming plaintext read error
      Sat Dec 16 22:00:10 2017 177.149.65.35:64758 TLS Error: TLS handshake failed

      1. What linux do you have ?
        Did you try the 2nd variant/solution ?

        echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings
        service openvpn restart
        
        What version of openvpn is ?

Leave a Reply

Your email address will not be published. Required fields are marked *

8 + 9 =


This site uses Akismet to reduce spam. Learn how your comment data is processed.