Issue with Softether VPN and OpenVPN Connect on Android M

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Roze
Posts: 2
Joined: Thu Jul 14, 2016 6:35 pm

Issue with Softether VPN and OpenVPN Connect on Android M

Post by Roze » Thu Jul 14, 2016 7:52 pm

Hi,
I recently got myself a new phone, and I'm having serious issues in getting the softether server to work with the new phone.
I have upgraded SoftEther VPN Server to latest version, 4.21, and OpenVPN Connect to latest (automatically updated, @1.1.17 at the time of writing, OpenVPN core 3.0.12.), and I'm just getting the error
"OpenVPN server certificate verification failed : PolarSSL : SSL read error : X509 - Certificate verification failed. e.g. CRL, CA or signature check failed"
when I try to login to the server.
I have tried generating external certificates as well as internal, using different ciphers and different strengths, to no avail.
There is seemingly no way for me to resolve this issue easily, so, please assist.

//Kind regards.

Roze
Posts: 2
Joined: Thu Jul 14, 2016 6:35 pm

Re: Issue with Softether VPN and OpenVPN Connect on Android

Post by Roze » Fri Jul 15, 2016 10:19 pm

I downgraded my OpenVPN Connect version to 1.1.16 (from 1.1.17) and now it works.
Apparently, something in the 17-upgrade breaks connection with SoftEther... Perhaps their upgrade of PolarSSL?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Issue with Softether VPN and OpenVPN Connect on Android

Post by thisjun » Tue Aug 02, 2016 5:16 am

Please read version history of SoftEther VPN 4.07 Build 9448 (June 6, 2014).
https://www.softether.org/5-download/history

Other updates on this build are as followings:
The problem with OpenVPN Connect for Android 1.1.14 has been fixed. In the previous versions, OpenVPN Connect for Android 1.1.14 reports "PolarSSL Error" when it connects to the SoftEther VPN Server, if the server SSL certificate is self-signed root certificate. This X.509 certificate parsing problem is OpenVPN Connect's bug, however we performed work around for this OpenVPN Connect's bug. Please mind that you need to regenerate your self-signed root certificate in order to comply with OpenVPN Connect at once after upgrading the VPN Server to this version. To regenerate the certificate, use the GUI tool on VPN Server Manager, or execute the "ServerCertRegenerate" command on vpncmd.

Post Reply