Jump to content
Not connected, Your IP: 3.133.108.172
AirVPN
Sign in to follow this  
Followers 0
adams-j

ANSWERED Fedora 36 unable to connect w/ logs

By adams-j, ... in Troubleshooting and Problems

Recommended Posts

adams-j    1

adams-j
Posted ...

Hello,

Fresh install of Eddie on Fedora 36 and I cannot connect connect due to a fatal error (see below), I can connect to the VPN on Ubuntu and Android devices.  Please take a look at the logs and suggest a way to connect.  Thank you


. 2022.04.03 16:16:26 - Eddie version: 2.21.5beta / linux_x64, System: Linux, Name: Fedora Linux, Version: 36 (Workstation Edition Prerelease), Mono/.Net: 6.12.0.122 (tarball Thu Jan 20 20:34:53 UTC 2022); Framework: v4.0.30319
. 2022.04.03 16:16:26 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui"
. 2022.04.03 16:16:27 - Raise system privileges
. 2022.04.03 16:16:30 - Profile options not found, using defaults.
. 2022.04.03 16:16:31 - OpenVPN - Version: 2.5.6 - OpenSSL 3.0.2 15 Mar 2022, LZO 2.10 (/usr/sbin/openvpn)
. 2022.04.03 16:16:31 - SSH - Version: OpenSSH_8.8p1, OpenSSL 3.0.2 15 Mar 2022 (/usr/bin/ssh)
. 2022.04.03 16:16:31 - SSL - Version: Initializing (/usr/bin/stunnel)
. 2022.04.03 16:16:31 - curl - Version: 7.82.0 (/usr/bin/curl)
I 2022.04.03 16:16:34 - Ready
. 2022.04.03 16:16:37 - Collect information about AirVPN completed
I 2022.04.03 16:16:53 - Checking login ...
! 2022.04.03 16:16:55 - Logged in.
I 2022.04.03 16:16:57 - Session starting.
. 2022.04.03 16:16:57 - Waiting for latency tests (1 to go)
I 2022.04.03 16:17:00 - Checking authorization ...
! 2022.04.03 16:17:01 - Connecting to Tejat (Canada, Toronto, Ontario)
. 2022.04.03 16:17:01 - Routes, add 184.75.221.197/32 for interface "wlo1".
. 2022.04.03 16:17:01 - Routes, add 184.75.221.197/32 for interface "wlo1", already exists.
. 2022.04.03 16:17:01 - OpenVPN > OpenVPN 2.5.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 16 2022
. 2022.04.03 16:17:01 - OpenVPN > library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
. 2022.04.03 16:17:01 - OpenVPN > OpenSSL: error:0A00018E:SSL routines::ca md too weak
. 2022.04.03 16:17:01 - OpenVPN > Cannot load inline certificate file
. 2022.04.03 16:17:01 - OpenVPN > Exiting due to fatal error
! 2022.04.03 16:17:01 - Disconnecting
. 2022.04.03 16:17:01 - Routes, delete 184.75.221.197/32 for interface "wlo1".
. 2022.04.03 16:17:01 - Routes, delete 184.75.221.197/32 for interface "wlo1", not exists.
. 2022.04.03 16:17:01 - Connection terminated.
I 2022.04.03 16:17:05 - Checking authorization ...
! 2022.04.03 16:17:05 - Connecting to Chort (Canada, Toronto, Ontario)
. 2022.04.03 16:17:05 - Routes, add 104.254.90.237/32 for interface "wlo1".
. 2022.04.03 16:17:05 - Routes, add 104.254.90.237/32 for interface "wlo1", already exists.
. 2022.04.03 16:17:06 - OpenVPN > OpenVPN 2.5.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 16 2022
. 2022.04.03 16:17:06 - OpenVPN > library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
. 2022.04.03 16:17:06 - OpenVPN > OpenSSL: error:0A00018E:SSL routines::ca md too weak
. 2022.04.03 16:17:06 - OpenVPN > Cannot load inline certificate file
. 2022.04.03 16:17:06 - OpenVPN > Exiting due to fatal error
! 2022.04.03 16:17:06 - Disconnecting
. 2022.04.03 16:17:06 - Sending soft termination signal
. 2022.04.03 16:17:06 - Routes, delete 104.254.90.237/32 for interface "wlo1".
. 2022.04.03 16:17:06 - Routes, delete 104.254.90.237/32 for interface "wlo1", not exists.
. 2022.04.03 16:17:06 - Connection terminated.
I 2022.04.03 16:17:08 - Cancel requested.
! 2022.04.03 16:17:08 - Session terminated.

Share this post

Link to post

Staff    9973

Staff
Posted ...
@adams-j

Hello!

Please log your account in to the web site and go to "Client Area" > "Devices".  You will find that you have an old certificate (thank you very much, you picked us a long ago!) - you can recognize it by the yellow warning. OpenSSL 3 does not tolerate SHA1 signed certificate anymore (by default build), but we do not force withdrawal and re-generation not to interfere with current connections. Since 2018 all new generated client certificates are signed via SHA512 algorithm.
 
Quote

Deprecated certificates' are signed through a deprecated for security reasons hash algorithm (SHA1).
They are still here to ensure backward compatibility, because we can't know whether you still use them in generated profiles.
However, future OpenVPN versions might not allow them anymore.
Click 'Renew' or 'Delete' to resolve the issue. After that, re-generate profile(s) with our Configuration Generator.
If you run our client software Eddie, you just need to log your account out and in again from the main window.


Complete instructions to manage your client certificate and key pairs can be found here:
https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/

Kind regards
 

Share this post

Link to post
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...