Dear Sirs,
today I’ve lost access to any OpenVPN servers because of (my assumption) local (device unique?) cert expired.
Model: GL-AR750S-EXT Slate
Firmware: 3.215
SYSTEM LOG:
Sun Dec 18 10:54:11 2022 daemon.err openvpn[18---]: VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=US, O=Let's Encrypt, CN=R3, serial=[*HIDDEN*]
Sun Dec 18 10:54:15 2022 daemon.notice openvpn[18---]: SIGHUP[soft,tls-error] received, process restarting
Sun Dec 18 10:54:15 2022 daemon.warn openvpn[18---]: DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
Sun Dec 18 10:54:15 2022 daemon.notice openvpn[18---]: OpenVPN 2.5.2 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sun Dec 18 10:54:15 2022 daemon.notice openvpn[18---]: library versions: OpenSSL 1.1.1n 15 Mar 2022
Sun Dec 18 10:54:15 2022 daemon.notice openvpn[18---]: Restart pause, 2 second(s)
Sun Dec 18 10:54:17 2022 daemon.warn openvpn[18---]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Dec 18 10:54:17 2022 daemon.warn openvpn[18---]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
It looks the same as Expired OpenSSL Certificate Authority Fix
Could you, please, clarify,
- if the software issue is not solved still,
- how is it possible to fix it.
Thank you in advance!