OpenVPN client reports key too small
NetworkManager[979]: <info> [1682431215.7725] vpn[HEX_ID,UUID,"firewalla_DATE_ID"]: starting openvpn
NetworkManager[979]: <info> [1682431215.7727] audit: op="connection-activate" uuid="UUID" name="firewalla_DATE_ID" pid=2004 uid=1000 result="success"
N 2.6.2 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
nm-openvpn[7224]: library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
nm-openvpn[7224]: DCO version: N/A
nm-openvpn[7224]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
nm-openvpn[7224]: OpenSSL: error:0A00018F:SSL routines::ee key too small
nm-openvpn[7224]: Cannot load certificate file /home/user/.cert/nm-openvpn/firewalla_DATE_ID-cert.pem
nm-openvpn[7224]: Exiting due to fatal error
NetworkManager[979]: <warn> [1682431215.7905] vpn[HEX_ID,UUID,"firewalla_DATE_ID"]: dbus: failure: connect-failed (1)
NetworkManager[979]: <warn> [1682431215.7905] vpn[HEX_ID,UUID,"firewalla_DATE_ID"]: dbus: failure: connect-failed (1)
Other threads unrelated to firewalla suggest to increase the key size when you get this error. I don't see anything in my firewalla config that suggests what key size is being used or allows me to choose the cert key size. I've had VPN setup for a while. I did try resetting the profile & password in hopes it would regen a larger key. No dice.
Please sign in to leave a comment.
Comments
7 comments