Expired OpenSSL Certificate Authority Fix

The current software OS for all models seem to have expired certificates and so I encountered an issue with my VPN provider rejecting my attempts to connect to their OpenVPN server because the client-side certificates on the GL-iNet routers are expired.

I’ve contacted GL-iNet technical support and explained how to resolve this and requested they update the packages in their latest update as well as their available software app/plug-in library, but they haven’t done so (it’s been months.)

So I’m going to post the fix here in case anyone else has this issue:

These are the two packages you need to install from the Advanced Admin interface on the router.
I have tested these with the 3.xxx operating system on both B1300 and AR-750 units and on both devices it resolves the expired OpenSSL certificate issue.

In the Advanced Admin Panel - in the packages page - load the following two packages and then restart the device.



Thank you for your feedback. I have found your problem in our BUG library, but it is still in a suspended state and I hope to fix it in the 3.200 version of the firmware.

Dear GL.iNet Team,
could you, please, clarify, when do you plan to fix that CA issue?

2.5 years passed, but in March 2023 we are still have only following:

  1. temporary solution, was kindly provided by @thewizard, which, unfortunately, has restored operation of only a smaller part of the public tunnels,
  2. firmware release 3.215 (2022-09-21), which had no effect on the problem of the expired certificate.

I just can’t understand, why nobody asking about that problem. Maybe public .ovpn configs are not popular, or most customers don’t know about this forum. Is my device the only one affected by this problem? If it can’t be solved through software, how can I replace/return it?

Thank you in advance!

What is the model of your device? Can you check whether the 4.X firmware is used for your model.

I have a Glinet X750 and exactly the same problem : Configured as a OpenVPN Server, the GLINET X750 worked fine with Ubuntu Nautilus vpn standard client. But now, with Ubuntu 22.04.3 LTS, I’m unable to avoid the error : OpenSSL: error:0A00018E:SSL routines::ca md too weak. Installation of the current firmware 3.104-3.217 (Compile Time 2023-05-08 10:37:25) did not solve the problem. I’m also surprised that so few people are bothered by this blocking problem.
Any help would be appreciated…