You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Anonine certificate check fails. Maybe the config files needs updating?
Thanks!
Anything else?
Log file:
Starting container with revision: 07f5a2b9aea5028c9bb75438c1552708e91dde71
TRANSMISSION_HOME is currently set to: /config/transmission-home
Creating TUN device /dev/net/tun
Using OpenVPN provider: ANONINE
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for ANONINE. Defaulting to external config
Will get configs from https://github.com/haugene/vpn-configs-contrib.git
Repository is already cloned, checking for update
Already up to date.
Already on 'main'
Your branch is up to date with 'origin/main'.
Found configs for ANONINE in /config/vpn-configs-contrib/openvpn/anonine, will replace current content in /etc/openvpn/anonine
Starting OpenVPN using config Sweden-Stockholm.ovpn
Modifying /etc/openvpn/anonine/Sweden-Stockholm.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Modification: Updating status for config failure detection
Setting OpenVPN credentials...
adding route to local network 10.0.0.0/16 via 172.26.0.1 dev eth0
2024-07-29 09:26:23 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-29 09:26:23 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-07-29 09:26:23 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
2024-07-29 09:26:23 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2024-07-29 09:26:23 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-07-29 09:26:23 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 TCP/UDP: Preserving recently used remote address: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 Socket Buffers: R=[131072->131072] S=[16384->16384]
2024-07-29 09:26:23 Attempting to establish TCP connection with [AF_INET]185.5.46.97:1195 [nonblock]
2024-07-29 09:26:23 TCP connection established with [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TCP_CLIENT link local: (not bound)
2024-07-29 09:26:23 TCP_CLIENT link remote: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TLS: Initial packet from [AF_INET]185.5.46.97:1195, sid=a1be04c2 231985e6
2024-07-29 09:26:23 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=GB, ST=LN, L=London, O=vpnsvc, OU=vpnsvc, CN=vpnsvc, name=vpnsvc, emailAddress=[email protected], serial=1 2024-07-29 09:26:23 OpenSSL: error:0A000086:SSL routines::certificate verify failed
2024-07-29 09:26:23 TLS_ERROR: BIO read tls_read_plaintext error
2024-07-29 09:26:23 TLS Error: TLS object -> incoming plaintext read error
2024-07-29 09:26:23 TLS Error: TLS handshake failed
2024-07-29 09:26:23 Fatal TLS error (check_tls_errors_co), restarting
2024-07-29 09:26:23 SIGTERM[soft,tls-error] received, process exiting
The text was updated successfully, but these errors were encountered:
Do you have the latest provider files?
Have you tested the provider files?
Can you create a PR for this config?
Provider details
Anonine certificate check fails. Maybe the config files needs updating?
Thanks!
Anything else?
Log file:
Starting container with revision: 07f5a2b9aea5028c9bb75438c1552708e91dde71
TRANSMISSION_HOME is currently set to: /config/transmission-home
Creating TUN device /dev/net/tun
Using OpenVPN provider: ANONINE
Running with VPN_CONFIG_SOURCE auto
No bundled config script found for ANONINE. Defaulting to external config
Will get configs from https://github.com/haugene/vpn-configs-contrib.git
Repository is already cloned, checking for update
Already up to date.
Already on 'main'
Your branch is up to date with 'origin/main'.
Found configs for ANONINE in /config/vpn-configs-contrib/openvpn/anonine, will replace current content in /etc/openvpn/anonine
Starting OpenVPN using config Sweden-Stockholm.ovpn
Modifying /etc/openvpn/anonine/Sweden-Stockholm.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Modification: Updating status for config failure detection
Setting OpenVPN credentials...
adding route to local network 10.0.0.0/16 via 172.26.0.1 dev eth0
2024-07-29 09:26:23 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-29 09:26:23 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-07-29 09:26:23 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
2024-07-29 09:26:23 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2024-07-29 09:26:23 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-07-29 09:26:23 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2024-07-29 09:26:23 TCP/UDP: Preserving recently used remote address: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 Socket Buffers: R=[131072->131072] S=[16384->16384]
2024-07-29 09:26:23 Attempting to establish TCP connection with [AF_INET]185.5.46.97:1195 [nonblock]
2024-07-29 09:26:23 TCP connection established with [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TCP_CLIENT link local: (not bound)
2024-07-29 09:26:23 TCP_CLIENT link remote: [AF_INET]185.5.46.97:1195
2024-07-29 09:26:23 TLS: Initial packet from [AF_INET]185.5.46.97:1195, sid=a1be04c2 231985e6
2024-07-29 09:26:23 VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=GB, ST=LN, L=London, O=vpnsvc, OU=vpnsvc, CN=vpnsvc, name=vpnsvc, emailAddress=[email protected], serial=1
2024-07-29 09:26:23 OpenSSL: error:0A000086:SSL routines::certificate verify failed
2024-07-29 09:26:23 TLS_ERROR: BIO read tls_read_plaintext error
2024-07-29 09:26:23 TLS Error: TLS object -> incoming plaintext read error
2024-07-29 09:26:23 TLS Error: TLS handshake failed
2024-07-29 09:26:23 Fatal TLS error (check_tls_errors_co), restarting
2024-07-29 09:26:23 SIGTERM[soft,tls-error] received, process exiting
The text was updated successfully, but these errors were encountered: