The latest version of OpenSSL won’t allow connection to MD5 signed certificates, so I had to rebuild all my OpenVPN keys etc.
Having installed OpenVPN 2.4.4 on the server, and running easy-rsa, I’ve now created new keys that work fine using the OpenVPN client on my laptop and phone.
However, my AR300M will read the opvn file ok, but when you try to connect just says the client is “not started”. It doesn’t even try to connect - no packet is received on the server. There’s no logs in the system log either, suggesting openvpn is not even starting.
I’m guessing it doesn’t like the new stronger encryption etc on the new keys? I also notice that even with firmware 2.263, the AR300M is still running quite old versions of OpenVPN and OpenSSL Any suggestions on how to fix this please?
The opvn config is identical except for the new certs and keys, which differ as below:
Old >>> Signature Algorithm: md5WithRSAEncryption
New >>>> Signature Algorithm: sha256WithRSAEncryption
Old >>>> Public Key Algorithm: rsaEncryption Public-Key: (1024 bit)
New >>>> Public Key Algorithm: rsaEncryption Public-Key: (4096 bit)