Opened 4 years ago

Last modified 20 months ago

#1182 assigned Bug / Defect

iOS: OpenVPN Connect v3.0.2.(894) errors out on mbedTLS ca bundle parsing

Reported by: foobarbaz Owned by: OpenVPN Inc.
Priority: major Milestone:
Component: OpenVPN Connect Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:


There seems to be a bug in the mbedTLS library that's being used in the OpenVPN Connect app.

The OpenVPN Connect version I'm using is 3.0.2.(894), running on iOS 12.1.2.

When I'm trying to connect to a OpenVPN server, it fails on:

mbed TLS: 1 certificate(s) in ca bundle failed to parse

This seems to happen in the NIP process.

Few lines before this error, I'm seeing an error message complaining about being denied access to a path.

NIP: Network status changed: key kind=1
    status = unsatisfied
    reasonCode = 2
    reason = Path was denied by NECP policy
    isViable = NO
    isExpensive = NO
    clientID = 87680882-2E77-4BCA-8D94-EA4434D60EDB
    mtu = 0

The cert chain is embedded in the imported OpenVPN configuration file, and all CAs in the cert chain are using RSA.

I do not have this issue with OpenVPN clients using OpenSSL.

Change History (2)

comment:1 Changed 2 years ago by Gert Döring

Owner: changed from yuriy to denys
Status: newassigned

comment:2 Changed 20 months ago by Antonio Quartulli

Owner: changed from denys to OpenVPN Inc.
Note: See TracTickets for help on using tickets.