Messages

Hi,

I just upgraded to 22.7.3_2 and my OpenVPN server stopped working.

On startup of the vpn server I see the following error in the log:

Code Select Expand

2022-09-01T22:01:21 Error php #7 {main}
2022-09-01T22:01:21 Error php #6 /usr/local/etc/rc.newwanip(170): plugins_configure('vpn', false, Array)
2022-09-01T22:01:21 Error php #5 /usr/local/etc/inc/plugins.inc(288): openvpn_configure_do(false, 'wan')
2022-09-01T22:01:21 Error php #4 /usr/local/etc/inc/plugins.inc.d/openvpn.inc(1153): openvpn_reconfigure('server', Array, false)
2022-09-01T22:01:21 Error php #3 /usr/local/etc/inc/plugins.inc.d/openvpn.inc(834): crl_update(Array)
2022-09-01T22:01:21 Error php #2 /usr/local/etc/inc/certs.inc(686): phpseclib3\File\X509->validateSignature(false)
2022-09-01T22:01:21 Error php #1 /usr/local/share/phpseclib/File/X509.php(1286): phpseclib3\File\X509->validateSignatureCountable(false, 0)
2022-09-01T22:01:21 Error php #0 /usr/local/share/phpseclib/File/X509.php(1412): phpseclib3\File\X509->validateSignatureHelper('rsaEncryption', '-----BEGIN PUBL...', 'id-RSASSA-PSS', '\xA3\xD4\x07\xCA\xCBX\f@\x7F\xD8j\xE19\x90m...', '0\x81\xC60\v\x06\t*\x86H\x86\xF7\r\x01\x01...')
2022-09-01T22:01:21 Error php Stack trace:
2022-09-01T22:01:21 Error php Cert revocation error: CRL signature invalid phpseclib3\Exception\UnsupportedAlgorithmException: Signature algorithm unsupported in /usr/local/share/phpseclib/File/X509.php:1455

The CRL cannot get loaded anymore and therefore any incoming sessions get denied.

The VPN worked fine on the last patch.