OpenVPN - ECC with Secp256k elliptic curve does not work anymore
-
Hi, I am with a VPN providor that uses ECC with Secp256k elliptic curve encryption, this used to work fine, but after the 2.7 upgraded i could not make a connection anymore, with the error shown below. Working with my VPN provider they mentioned they have encountered this before and its a PFSense issue, as standlone OpenVPN works correctly. Before I raise a ticket want to see if anyone else has encountered this error?
Thanks
ul 7 23:16:57 openvpn 9356 SIGUSR1[soft,tls-error] received, process restarting
Jul 7 23:16:57 openvpn 9356 TLS Error: TLS handshake failed
Jul 7 23:16:57 openvpn 9356 TLS Error: TLS object -> incoming plaintext read error
Jul 7 23:16:57 openvpn 9356 TLS_ERROR: BIO read tls_read_plaintext error
Jul 7 23:16:57 openvpn 9356 OpenSSL: error:0A000127:SSL routines::no suitable groups:No groups enabled for max supported SSL/TLS version
Jul 7 23:16:57 openvpn 9356 UDPv4 link remote: [AF_INET]************
Jul 7 23:16:57 openvpn 9356 UDPv4 link local (bound): [AF_INET]*************
Jul 7 23:16:57 openvpn 9356 TCP/UDP: Preserving recently used remote address: [AF_INET]************
Jul 7 23:16:57 openvpn 9356 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts -
Have you generated new certificates yet?
-
Hi, I have updated the VPN CA and TLS certificates, if that what you meant? Sorry I am a beginner with VPN related stuff, still learning how it all works, thanks!
