Opened 7 months ago
Last modified 3 months ago
#1444 new Bug / Defect
Fatal TLS error
Reported by: | lauri.laanenurm | Owned by: | |
---|---|---|---|
Priority: | critical | Milestone: | |
Component: | Certificates | Version: | OpenVPN 2.5.1 (Community Ed) |
Severity: | Not set (select this one, unless you're an OpenVPN developer) | Keywords: | |
Cc: | | | |
Description
Linux distribution: Ubuntu 22.04 Jammy
OpenVPN client version:
OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 18 2021
library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
The Client profile uses:
cipher AES-128-CBC
auth SHA256
When trying to connect to a Sophos XG OpenVPN server, I get the following errors and I am unable to get connected:
2022-01-26 11:38:21 OpenSSL: error:0A0C0103:SSL routines::internal error
2022-01-26 11:38:21 TLS_ERROR: BIO read tls_read_plaintext error
2022-01-26 11:38:21 TLS Error: TLS object -> incoming plaintext read error
2022-01-26 11:38:21 TLS Error: TLS handshake failed
2022-01-26 11:38:21 Fatal TLS error (check_tls_errors_co), restarting
2022-01-26 11:38:21 SIGUSR1[soft,tls-error] received, process restarting
2022-01-26 11:38:21 Restart pause, 5 second(s)
2022-01-26 11:38:22 SIGINT[hard,init_instance] received, process exiting
Change History (4)
comment:1 Changed 7 months ago by
comment:2 Changed 6 months ago by
Closest match would indicate a TLS 1.1 connection is used and OpenSSL 3.x wants special settings.
May also be similar tightening of restrictions I'm not aware of (Cert signature schemes as in OpenSSL 1.1).
You could test OpenVPN client config with
tls-cipher "DEFAULT:@SECLEVEL=0"
Not recommended for long-term operation.
Try to somehow use TLS 1.2 and/or achieve a setup where this setting is no longer required.
comment:3 Changed 6 months ago by
There is a bit of information lacking here, but it should be noted that OpenSSL 3.0.1 disallows a lot of "insecure" stuff by default - and what tends to bite people quite often is SHA1 certificates. The @SECLEVEL=0 trick suggested by becm should help with this.
(I do wonder if 2.5 + 3.0.1 does work at all if BF-CBC is needed, as there is no code in 2.5 to load the "legacy provider" that is needed for BF-CBC... but if the server is sufficiently recent, it would negotiate AES-256-GCM anyway, thus making this a non-issue)
comment:4 Changed 3 months ago by
Update on this: 2.5.7 - to be released next Tuesday - will contain better support for OpenSSL 3.0.x, and we try to bring that into Ubuntu 22.04 (or at least the relevant patches).
It will still need extra options to accept SHA1 hashes (--tls-cert-profile insecure) or support old RC2/BF-CBC/... ciphers (--providers legacy default) - this is the way OpenSSL 3.0 went.
So, best way forward is to upgrade your CA to RSA256 and use AES-256-GCM ciphers everywhere...
(I do wonder why there is a 2.5.1 client in the original post... this is way older than what Ubuntu 22 should be shipping)
Which version of OpenVPN is your server using?
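Added example, not code from the ticket or the OpenVPN project: a small audit of a client profile for the OpenSSL 3.0 points raised in comments 2 to 4, separating stopgap workarounds (SECLEVEL=0, tls-cert-profile insecure, legacy-provider ciphers) from the recommended end state (AES-GCM data ciphers, TLS 1.2 minimum). The sample profile is constructed and assumes OpenVPN 2.5's default tls-version-min of 1.0 when the option is absent.

```python
"""Audit an OpenVPN 2.5 client profile for the OpenSSL 3.0 pitfalls raised in this ticket."""
import re
import shlex

# Ciphers that OpenSSL 3.0 serves only from the "legacy" provider; RC2/BF-CBC are the ones the ticket names.
LEGACY_PROVIDER_CIPHERS = {"BF-CBC", "RC2-CBC", "RC2-40-CBC", "RC2-64-CBC", "DES-CBC", "CAST5-CBC"}
INLINE_BLOCK = re.compile(r"^<(/?)([a-z-]+)>$")      # <ca> ... </ca>, <tls-crypt> ... </tls-crypt>, etc.
# Constructed profile: the ticket's cipher/auth lines plus the SECLEVEL=0 workaround from comment 2.
SAMPLE_PROFILE = """\
client
cipher AES-128-CBC
auth SHA256
tls-cipher "DEFAULT:@SECLEVEL=0"
<ca>
-----BEGIN CERTIFICATE-----
placeholder, not a real certificate
-----END CERTIFICATE-----
</ca>
"""

def parse_options(profile):
    """Return {option: [args]} for every directive, skipping comments and inline file blocks."""
    options, in_block = {}, None
    for raw in profile.splitlines():
        line = raw.strip()
        m = INLINE_BLOCK.match(line)
        if m:                                   # enter or leave an inline <tag> block
            in_block = None if m.group(1) else m.group(2)
            continue
        if in_block or not line or line[0] in "#;":
            continue
        parts = shlex.split(line)               # handles the quoted tls-cipher string
        options[parts[0]] = parts[1:]
    return options

def audit_profile(profile):
    """Return (kind, message) findings; 'workaround' = OpenSSL 3.0 stopgap, 'recommend' = target state."""
    opts, findings = parse_options(profile), []
    cipher = opts.get("cipher", [""])[0].upper()
    if cipher in LEGACY_PROVIDER_CIPHERS:
        findings.append(("workaround", f"cipher {cipher} needs 'providers legacy default' (2.5.7+) under OpenSSL 3.0"))
    if "@SECLEVEL=0" in " ".join(opts.get("tls-cipher", [])):
        findings.append(("workaround", "tls-cipher @SECLEVEL=0 disables OpenSSL security-level checks; not for long-term use"))
    if opts.get("tls-cert-profile", [""])[0] == "insecure":
        findings.append(("workaround", "tls-cert-profile insecure accepts SHA1-signed certificates; re-issue the CA with SHA-256"))
    if "data-ciphers" not in opts and not cipher.endswith("-GCM"):
        findings.append(("recommend", "add 'data-ciphers AES-256-GCM:AES-128-GCM' so the CBC cipher is only a fallback"))
    if opts.get("tls-version-min", ["1.0"])[0] < "1.2":    # assumes 2.5's default minimum of TLS 1.0
        findings.append(("recommend", "set 'tls-version-min 1.2'"))
    return findings
```

Run `audit_profile(open("client.ovpn").read())` against a real profile; any 'workaround' finding marks a setting to remove once the server and CA are upgraded.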