ibVPN stopped working

Forums

Add a reply View Replies (2) →

Dries Dokter

Offline

Bug

ibVPN stopped working

Resolved

0 votes

I use the ibVPN on ClearOS release 7.8.1 and set-up an IP-address of a headless system to use the VPN. Because the system is headless it took me sometime to notice it is no longer communicating to the outside world.

After looking into that I found that ibVPN on ClearOs stopped working and always reports the following error:

Jul 27 14:41:51 mail ibvpn[11289]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Jul 27 14:41:51 mail ibvpn[11289]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1420)

Jul 27 14:41:51 mail ibvpn[11289]: TCP/UDP: Preserving recently used remote address: [AF_INET]81.30.152.54:80

Jul 27 14:41:51 mail ibvpn[11289]: Socket Buffers: R=[212992->212992] S=[212992->212992]

Jul 27 14:41:51 mail ibvpn[11289]: UDP link local (bound): [AF_INET]192.168.1.5:1190

Jul 27 14:41:51 mail ibvpn[11289]: UDP link remote: [AF_INET]81.30.152.54:80

Jul 27 14:41:51 mail ibvpn[11289]: TLS: Initial packet from [AF_INET]81.30.152.54:80, sid=e671936e ead3a7e9

Jul 27 14:41:51 mail ibvpn[11289]: VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=RO, ST=MS, L=TirguMures, O=Amplusnet, OU=ibVPN, CN=Amplusnet CA, name=EasyRSA, emailAddress=admin@ibvpn.com

Jul 27 14:41:51 mail ibvpn[11289]: OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Jul 27 14:41:51 mail ibvpn[11289]: TLS_ERROR: BIO read tls_read_plaintext error

Jul 27 14:41:51 mail ibvpn[11289]: TLS Error: TLS object -> incoming plaintext read error

Jul 27 14:41:51 mail ibvpn[11289]: TLS Error: TLS handshake failed

Jul 27 14:41:51 mail ibvpn[11289]: SIGUSR1[soft,tls-error] received, process restarting

Jul 27 14:41:51 mail ibvpn[11289]: Restart pause, 10 second(s)

I am not sure if is a ClearOS change or a ibVPN change that caused this but found that this started June 9th and I can't match that to anything in yum history..

In ibVPN

Monday, July 27 2020, 12:52 PM

Share this post:

Responses (2)

Accepted Answer
Dries Dokter

Offline
Monday, July 27 2020, 01:53 PM - #Permalink
Resolved

0 votes

Thank you for your quick reply Nick. I did indeed understand it was a certificate error but had no idea which one and more importantly, where to get a new one :-)
The reply is currently minimized Show

Accepted Answer

Nick Howitt

Offline

Monday, July 27 2020, 01:43 PM - #Permalink

Resolved

0 votes

If you look at the message, there is a certificate problem. It, in fact, expired on Monday 20th. This is a Contributor's app and I have tried contacting the dev, but I believe he is on holiday. In the meanwhile you can back up /etc/clearos/ibvpn.d/ibvpn.com.crt, the replace the certificate with:

Then restart ibVPN and it should start working again (if the forum does not munge the certificate).