Show Posts
1
22.7 Legacy Series / OpenVPN stopped working after upgrade to 22.7.3_2 (CRL cannot be loaded)
« on: September 02, 2022, 07:47:15 pm »
Hi,
I just upgraded to 22.7.3_2 and my OpenVPN server stopped working.
On startup of the vpn server I see the following error in the log:
The CRL cannot get loaded anymore and therefore any incoming sessions get denied.
The VPN worked fine on the last patch.
I just upgraded to 22.7.3_2 and my OpenVPN server stopped working.
On startup of the vpn server I see the following error in the log:
Code: [Select]
2022-09-01T22:01:21 Error php #7 {main}
2022-09-01T22:01:21 Error php #6 /usr/local/etc/rc.newwanip(170): plugins_configure('vpn', false, Array)
2022-09-01T22:01:21 Error php #5 /usr/local/etc/inc/plugins.inc(288): openvpn_configure_do(false, 'wan')
2022-09-01T22:01:21 Error php #4 /usr/local/etc/inc/plugins.inc.d/openvpn.inc(1153): openvpn_reconfigure('server', Array, false)
2022-09-01T22:01:21 Error php #3 /usr/local/etc/inc/plugins.inc.d/openvpn.inc(834): crl_update(Array)
2022-09-01T22:01:21 Error php #2 /usr/local/etc/inc/certs.inc(686): phpseclib3\File\X509->validateSignature(false)
2022-09-01T22:01:21 Error php #1 /usr/local/share/phpseclib/File/X509.php(1286): phpseclib3\File\X509->validateSignatureCountable(false, 0)
2022-09-01T22:01:21 Error php #0 /usr/local/share/phpseclib/File/X509.php(1412): phpseclib3\File\X509->validateSignatureHelper('rsaEncryption', '-----BEGIN PUBL...', 'id-RSASSA-PSS', '\xA3\xD4\x07\xCA\xCBX\f@\x7F\xD8j\xE19\x90m...', '0\x81\xC60\v\x06\t*\x86H\x86\xF7\r\x01\x01...')
2022-09-01T22:01:21 Error php Stack trace:
2022-09-01T22:01:21 Error php Cert revocation error: CRL signature invalid phpseclib3\Exception\UnsupportedAlgorithmException: Signature algorithm unsupported in /usr/local/share/phpseclib/File/X509.php:1455The CRL cannot get loaded anymore and therefore any incoming sessions get denied.
The VPN worked fine on the last patch.