ANSWERED (urgent) can't connect to VPN anymore on OpenVPN for Android 0.7.25

[Qpb22uGL 2]

I just updated OpenVPN for Android to 0.7.25 (update was released on Oct 4 2021). Android 11, October 2021 security patch.

I now can not connect to any AirVPN server anymore using the .ovpn files from the config generator. This is what it shows when I try to connect:

OpenSSL: error:0A00018E:SSL rountines::ca md too weak
OpenSSL reported a certificate with a weak hash, please the in app FAQ about weak hashes
MGMT: Got unrecognized command>FATAL:Cannot load inline certificate file
Cannot load inline certificate file
Exiting due to fatal error
Process exited with exit value 1

[OpenSourcerer 1435]

Puzzling. Closest I could find is that the project switched to OpenSSL 3.0 which seems to deem any certs signed with SHA1 as weak now. But the only certs signed with SHA1 on AirVPN are old ones which you can't even generate nowadays.
For a closer look one needs the whole log from the app.
Eh, no, this is the problem. The certificate is SHA512, the CA actually is SHA1. So it's definitely something AirVPN should look into.

[kmartinez237 0]

10 minutes ago, OpenSourcerer said:

Puzzling. Closest I could find is that the project switched to OpenSSL 3.0 which seems to deem any certs signed with SHA1 as weak now. But the only certs signed with SHA1 on AirVPN are old ones which you can't even generate nowadays.
For a closer look one needs the whole log from the app.

I just updated OpenVPN for Android a few hours ago, and I am getting a similar error message. I'm worried about posting the whole Log, for privacy concerns. Should I still post it here, or should I message it to you?

[OpenSourcerer 1435]

Not necessary, I think. It really looks like AirVPN's CA cert must be reissued with a stronger hashing algorithm. It's the only permanent solution.

[Staff 9972]

Hello!

Signature of a root CA certificate is there only as a dummy one, and the verification of a CA certificate is not based on any signature, obviously. So, there is no security hazard coming from the signature algorithm of a root CA certificate.

Anyway if the source of the problem is the one you mention we will plan some solution to have OpenVPN for Android compatible again. It will take some time, so you might consider to run Eddie Android edition 2.4 or 2.5 alpha in the meantime.

"The purpose of the signature in a certificate chain is that a higher authority certifies a lower authority. For a root CA, there is no higher authority by definition (that's what "root" means), so there is nobody who could possibly sign the certificate. Since, as was mentioned, certificates must be signed, root CAs are signed with a "dummy" signature, and the simplest way to do that, is to self-sign. So, not only is there no need to verify, the very idea of verifying the signature of a root CA is non-sensical."
Jörg W Mittag, in https://serverfault.com/questions/837994/why-are-ca-root-certificates-all-sha-1-signed-since-sha-1-is-deprecated

Kind regards
                      

[OpenSourcerer 1435]

I came to the conclusion due to the changelog mentioning:

Quote

* X509 certificates signed using SHA1 are no longer allowed at security level 1 and above.

*Kurt Roeckx*

Since a CA cert is also a X.509 cert, since OpenVPN errors out with "ca md too weak" and since OpenSSL puts out this line if read with -text:

Quote

Signature Algorithm: sha1WithRSAEncryption

I made an educated guess that it must be this. Even though it may be nonsensical when we look at CA certs. Because, where else may that be coming from? The <cert> is sha512WithRSAEncryption.

I've also looked into possible options/switches to suppress this check until a more general solution is available. So far I only stumbled upon a compiler flag for OpenSSL 3 disabling this behavior altogether, but it may be useful in other use cases; probably too much collateral damage. And OpenVPN itself simply invokes OpenSSL to do its checks, the logs outline it quite clearly. Probably nothing anyone can do with a quick OpenVPN directive, either. And to lower the security level… don't know if you can do that. I found --tls-cert-profile directive in the OpenVPN manual but it mentions 1 being the lowest security level, already called "legacy"…

[Baryshnikov 2]

This issue is also be discussed on snbforums. There the same thing is happening to Asus router users running Merlin firmware. Users affected just updated their Android VPN client this morning.

https://www.snbforums.com/threads/openvpn-server-issue.75087/#post-717031

[Staff 9972]

@OpenSourcerer
@77festus77

Thank you. Can you tell us how you reproduced the problem? In our current tests, OpenVPN for Android 0.7.25 (latest version on the Play Store) connects fine to our servers, both on entry-IP addresses 1 and 3. Tested on various devices based on Android 6, 10, 11. Apart from various app explosions, when it does not crash it connects fine.

Kind regards
 

[Baryshnikov 2]

@OpenSorcerer
@Staff

I did not reproduce the problem as I am not an Android user - I was just letting you know that it was just being reported by others beside AirVPN users

[Clodo 176]

If you have this issue, please try to download this file: https://airvpn.org/static/keys/ca512.crt  and replace CA crt in "OpenVPN for Android" config.
I'm waiting for feedback. Thanks.

[checkk 0]

5 hours ago, Clodo said:

If you have this issue, please try to download this file: https://airvpn.org/static/keys/ca512.crt  and replace CA crt in "OpenVPN for Android" config.
I'm waiting for feedback. Thanks.

I'm a bit of a noob, so I've tried adding this .crt file to my config and now another error coming up saying " openssl reported a certificate with a weak hash, please..."
 

[OpenSourcerer 1435]

13 hours ago, Staff said:

Can you tell us how you reproduced the problem?

Primarily a question to @Qpb22uGL and @kmartinez237, they originally reported this.

[Sergey2k 0]

Confirming the error. Yesterday I could not connect to the Asus RT-N66U router (Original firmware) from Android 7.1.1. From Windows and linux not problems.

2021-10-07 08:03:52 OpenVPN 2.5-icsopenvpn [git:icsopenvpn/v0.7.25-0-g4a9cbd88] armeabi-v7a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct  4 2021
2021-10-07 08:03:52 library versions: OpenSSL 3.0.0 7 sep 2021, LZO 2.10
2021-10-07 08:03:52 MANAGEMENT: Connected to management server at /data/user/0/de.blinkt.openvpn/cache/mgmtsocket
2021-10-07 08:03:52 MANAGEMENT: CMD 'version 3'
2021-10-07 08:03:52 MANAGEMENT: CMD 'hold release'
2021-10-07 08:03:52 MANAGEMENT: CMD 'username 'Auth' user1'
2021-10-07 08:03:52 MANAGEMENT: CMD 'bytecount 2'
2021-10-07 08:03:52 MANAGEMENT: CMD 'password [...]'
2021-10-07 08:03:52 MANAGEMENT: CMD 'state on'
2021-10-07 08:03:52 MANAGEMENT: CMD 'proxy NONE'
2021-10-07 08:03:53 MGMT: Got unrecognized command>FATAL:Cannot load inline certificate file
2021-10-07 08:03:53 OpenSSL: error:0A00018E:SSL routines::ca md too weak
2021-10-07 08:03:53 OpenSSL reported a certificate with a weak hash, please the in app FAQ about weak hashes
2021-10-07 08:03:53 MANAGEMENT: Client disconnected
2021-10-07 08:03:53 Cannot load inline certificate file
2021-10-07 08:03:53 Exiting due to fatal error
2021-10-07 08:03:53 Process exited with exit value 1
 

[rprimus 2]

Thu Oct  7 07:49:32 BST 2021

@Clodo

> If you have this issue, please try to download this file: https://airvpn.org/static/keys/ca512.crt  and replace CA crt in "OpenVPN for Android" config.

Have verified the new signature:
Signature Algorithm: sha512WithRSAEncryption
however, still getting the error:

OpenSSL: error:0A00018E:SSL routines::ca md too weak

It appears that this is being generated from the embedded client cert:
Signature Algorithm: sha1WithRSAEncryption

Ref:  https://github.com/schwabe/ics-openvpn/issues/1374#issuecomment-935944072

Update:  from schwabe:
"As for the CA. OpenSSL might also be upset by the CA sent by the server and not just the one used in the profile itself."

 

[Staff 9972]

Hello!

The current state of play as well as important clarifications.
 

• The issue occurs only in those OpenVPN clients linked against OpenSSL 3 and only to some of our users, see below
• Since 2017, our system generates CRT signed with SHA512 algorithm. Previously they were signed with SHA1.
• Regeneration of old CRT is not triggered and forced by us automatically, because it would invalidate any previous OVPN configuration file out there and lock out the user who does not follow our forum, notification e-mails etc.
• @rprimus you have a client CRT (user.crt) dated 2015. You and anybody else using pre-2017 user certificates: please go to your "Client Area" > "Devices" menu, renew your cert/key pair, re-download your OVPN configuration files from the Configuration Generator, use them and you will be fine. (*) The problem has never been caused by the CA certificate.
• Replacing the CA.crt is not mandatory, it just avoids warning message (that you can safely ignore and has nothing to do with the main issue of this thread) you may meet in Eddie Android edition, Hummingbird and Bluetit. Anyway, now even ca.crt is SHA512 signed, so you will not get anymore the mentioned warning

(*) Yellow rows show certificates which use a signature based on a deprecated for security reasons hash algorithm (SHA1).
They are still here to ensure backward compatibility, because we can't know whether you still use them in generated profiles.
However, future OpenVPN versions might not allow them anymore.
Click 'Renew' or 'Delete' to resolve the issue. After that, re-generate profile(s) with our Configuration Generator. If you run our client software Eddie, you just need to log your account out and in again from the main window.

Kind regards
 

[kmartinez237 0]

2 hours ago, Staff said:

Hello!

The current state of play as well as important clarifications.
 

• The issue occurs only in those OpenVPN clients linked against OpenSSL 3 and only to some of our users, see below
• Since 2017, our system generates CRT signed with SHA512 algorithm. Previously they were signed with SHA1.
• Regeneration of old CRT is not triggered and forced by us automatically, because it would invalidate any previous OVPN configuration file out there and lock out the user who does not follow our forum, notification e-mails etc.
• @rprimus you have a client CRT (user.crt) dated 2015. You and anybody else using pre-2017 user certificates: please go to your "Client Area" > "Devices" menu, renew your cert/key pair, re-download your OVPN configuration files from the Configuration Generator, use them and you will be fine. The problem has never been caused by the CA certificate.
• Replacing the CA.crt is not mandatory, it just avoids warning message (that you can safely ignore and has nothing to do with the main issue of this thread) you may meet in Eddie Android edition, Hummingbird and Bluetit. Anyway, now even ca.crt is SHA512 signed, so you will not get anymore the mentioned warning

Kind regards
 

This worked!!! Thank you so much!!! ☺️

[rprimus 2]

3 hours ago, Staff said:

@rprimus you have a client CRT (user.crt) dated 2015. You and anybody else using pre-2017 user certificates: please go to your "Client Area" > "Devices" menu, renew your cert/key pair, re-download your OVPN configuration files from the Configuration Generator, use them and you will be fine. (*) The problem has never been caused by the CA certificate.

 

Thu Oct  7 14:38:51 BST 2021

@Staff Thank you very much - all A-OK now!

 

[dmerryman 0]

Boom! You guys are the best. Had the exact same issue but now I'm back up and running.

[Sergey2k 0]

18 hours ago, Staff said:

Since 2017, our system generates CRT signed with SHA512 algorithm. Previously they were signed with SHA1. 

Hello
I've checked certificates from configuration of ASUS OpenVpn server. They are SHA1. But HMAC Authentication is SHA 512 into server. Then my server can't  use SHA512 certificates cipher algorithm. Therefore, need change server (firmware is latest), or downgrade security on android client (tls-cipher:"DEFAULT:@SECLEVEL=0")

[maasenstodt 0]

I had the same problem, and following the directions worked for me as well.

However, I'm now unable to connect on my PC using the Eddie client.  Here's my log:

I 2021.10.12 20:39:06 - Session starting.
I 2021.10.12 20:39:08 - Checking authorization ...
! 2021.10.12 20:39:09 - Connecting to Fang (United States of America, Chicago, Illinois)
. 2021.10.12 20:39:09 - OpenVPN > OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 24 2021
. 2021.10.12 20:39:09 - OpenVPN > Windows version 10.0 (Windows 10 or greater) 64bit
. 2021.10.12 20:39:09 - OpenVPN > library versions: OpenSSL 1.1.1j  16 Feb 2021, LZO 2.10
. 2021.10.12 20:39:09 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:09 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:09 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:09 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:09 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:09 - OpenVPN > Socket Buffers: R=[65536->262144] S=[65536->262144]
. 2021.10.12 20:39:09 - OpenVPN > UDP link local: (not bound)
. 2021.10.12 20:39:09 - OpenVPN > UDP link remote: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:09 - OpenVPN > TLS: Initial packet from [AF_INET]68.235.48.110:443, sid=7ab33fa3 2a242b8d
. 2021.10.12 20:39:09 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2021.10.12 20:39:09 - OpenVPN > VERIFY KU OK
. 2021.10.12 20:39:09 - OpenVPN > Validating certificate extended key usage
. 2021.10.12 20:39:09 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2021.10.12 20:39:09 - OpenVPN > VERIFY EKU OK
. 2021.10.12 20:39:09 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Fang, emailAddress=info@airvpn.org
. 2021.10.12 20:39:09 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA
. 2021.10.12 20:39:09 - OpenVPN > [Fang] Peer Connection Initiated with [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:10 - OpenVPN > SENT CONTROL [Fang]: 'PUSH_REQUEST' (status=1)
W 2021.10.12 20:39:10 - Authorization failed. Look at the client area to discover the reason.
. 2021.10.12 20:39:10 - OpenVPN > AUTH: Received control message: AUTH_FAILED
. 2021.10.12 20:39:10 - OpenVPN > SIGTERM received, sending exit notification to peer
! 2021.10.12 20:39:10 - Disconnecting
. 2021.10.12 20:39:10 - Sending soft termination signal
. 2021.10.12 20:39:13 - Connection terminated.
. 2021.10.12 20:39:13 - OpenVPN > SIGTERM[hard,] received, process exiting
I 2021.10.12 20:39:16 - Checking authorization ...
! 2021.10.12 20:39:17 - Connecting to Fang (United States of America, Chicago, Illinois)
. 2021.10.12 20:39:17 - OpenVPN > OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 24 2021
. 2021.10.12 20:39:17 - OpenVPN > Windows version 10.0 (Windows 10 or greater) 64bit
. 2021.10.12 20:39:17 - OpenVPN > library versions: OpenSSL 1.1.1j  16 Feb 2021, LZO 2.10
. 2021.10.12 20:39:17 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:17 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:17 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:17 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:17 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:17 - OpenVPN > Socket Buffers: R=[65536->262144] S=[65536->262144]
. 2021.10.12 20:39:17 - OpenVPN > UDP link local: (not bound)
. 2021.10.12 20:39:17 - OpenVPN > UDP link remote: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:17 - OpenVPN > TLS: Initial packet from [AF_INET]68.235.48.110:443, sid=986739d4 81f1a840
. 2021.10.12 20:39:17 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2021.10.12 20:39:17 - OpenVPN > VERIFY KU OK
. 2021.10.12 20:39:17 - OpenVPN > Validating certificate extended key usage
. 2021.10.12 20:39:17 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2021.10.12 20:39:17 - OpenVPN > VERIFY EKU OK
. 2021.10.12 20:39:17 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Fang, emailAddress=info@airvpn.org
. 2021.10.12 20:39:18 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA
. 2021.10.12 20:39:18 - OpenVPN > [Fang] Peer Connection Initiated with [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:19 - OpenVPN > SENT CONTROL [Fang]: 'PUSH_REQUEST' (status=1)
W 2021.10.12 20:39:19 - Authorization failed. Look at the client area to discover the reason.
. 2021.10.12 20:39:19 - OpenVPN > AUTH: Received control message: AUTH_FAILED
. 2021.10.12 20:39:19 - OpenVPN > SIGTERM received, sending exit notification to peer
! 2021.10.12 20:39:19 - Disconnecting
. 2021.10.12 20:39:19 - Sending soft termination signal
. 2021.10.12 20:39:22 - Connection terminated.
. 2021.10.12 20:39:22 - OpenVPN > SIGTERM[hard,] received, process exiting
I 2021.10.12 20:39:25 - Checking authorization ...
! 2021.10.12 20:39:26 - Connecting to Fang (United States of America, Chicago, Illinois)
. 2021.10.12 20:39:26 - OpenVPN > OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 24 2021
. 2021.10.12 20:39:26 - OpenVPN > Windows version 10.0 (Windows 10 or greater) 64bit
. 2021.10.12 20:39:26 - OpenVPN > library versions: OpenSSL 1.1.1j  16 Feb 2021, LZO 2.10
. 2021.10.12 20:39:26 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:26 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:26 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2021.10.12 20:39:26 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2021.10.12 20:39:26 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:26 - OpenVPN > Socket Buffers: R=[65536->262144] S=[65536->262144]
. 2021.10.12 20:39:26 - OpenVPN > UDP link local: (not bound)
. 2021.10.12 20:39:26 - OpenVPN > UDP link remote: [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:26 - OpenVPN > TLS: Initial packet from [AF_INET]68.235.48.110:443, sid=15e64168 524357f5
. 2021.10.12 20:39:26 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2021.10.12 20:39:26 - OpenVPN > VERIFY KU OK
. 2021.10.12 20:39:26 - OpenVPN > Validating certificate extended key usage
. 2021.10.12 20:39:26 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2021.10.12 20:39:26 - OpenVPN > VERIFY EKU OK
. 2021.10.12 20:39:26 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Fang, emailAddress=info@airvpn.org
. 2021.10.12 20:39:26 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA
. 2021.10.12 20:39:26 - OpenVPN > [Fang] Peer Connection Initiated with [AF_INET]68.235.48.110:443
. 2021.10.12 20:39:27 - OpenVPN > SENT CONTROL [Fang]: 'PUSH_REQUEST' (status=1)
W 2021.10.12 20:39:27 - Authorization failed. Look at the client area to discover the reason.
. 2021.10.12 20:39:27 - OpenVPN > AUTH: Received control message: AUTH_FAILED
. 2021.10.12 20:39:27 - OpenVPN > SIGTERM received, sending exit notification to peer
! 2021.10.12 20:39:27 - Disconnecting
. 2021.10.12 20:39:27 - Sending soft termination signal
. 2021.10.12 20:39:30 - Connection terminated.
. 2021.10.12 20:39:30 - OpenVPN > SIGTERM[hard,] received, process exiting
I 2021.10.12 20:39:31 - Cancel requested.
! 2021.10.12 20:39:31 - Session terminated.

 

[Staff 9972]

@maasenstodt

Hello!

Currently Eddie does not re-download automatically any new certificate/key pair: in Eddie main window, log your account out and then log it in again, in order to force Eddie to re-download client certificate(s) and key(s).

A detailed guide is available here:
https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/

Kind regards
 

[maasenstodt 0]

Thank you!

[kbps 29]

Thanks @Staff fixed it for me too.