openVPN generated incorrect certs generated, key too small

openVPN generated incorrect certs generated, key too small

21 Reply
Re:openVPN generated incorrect certs generated, key too small
2024-03-29 01:32:10

  @Callum_1 

 

Hi, please refer to Case 1 in this thread to troubleshoot first: VPN Server Is Not Working Properly on TP-Link Wi-Fi Routers

 

If it doesn't resolve the issue, please provide the required information for further follow-up.

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer BE550 New Software Enhances System Stability and Optimizes MLO Network Stability. TL-WA3001 Supports EasyMesh, Speed Limit, Guest Network in AP Mode and/or Multi-SSID Mode. If you found the post or response helpful, please click Helpful. If an answer solves your problem, click "Recommended Solution" so that others can benefit from it.
  0  
  0  
#12
Options
Re:openVPN generated incorrect certs generated, key too small
2024-06-08 19:31:52

@Sunshine Adding the `tls-cipher` setting to the OpenVPN config and switching the transport method from UDP->TCP fixed it.

  0  
  0  
#13
Options
Re:openVPN generated incorrect certs generated, key too small
2024-06-19 13:32:41

  @pepicheck 

Thank you for the two workarounds. Changing the Legacy settings worked and I'll be trying the second option shortly. This thing was driving me crazy since my Windows client connected fine but Android was being a pain.

 

Big thanks.

  0  
  0  
#14
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-12 17:43:13
Hello, Unfortunately, this didnt work for me. I tried: 1. add the "tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA" below the existing "cipher AES-123-CBC" 2. replace the "cipher AES-123-CBC" with the "tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA" Still no luck! I am accessing the router (Archer AX20 v1.0 with 1.3.8 Build 20230830 rel.19767(4555) ) via my classic PC with Win10 to configure it and I am testing the VPN on my Dell Laptop with Win11 and latest OpenVPN client v3, connected via phone hotspot. Any other suggestions?? Thank you! Regards
  0  
  0  
#15
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-14 05:56:18

  @GeorgettaCZ For Windows, there is no need to tweak a profile, use the OpenVPN comunity https://openvpn.net/community-downloads/ and make sure, the laptop is not on your home network. OR mobile phone. Not on same network like the router. Connect to mobile hotspot, mobile data plan, and then connect to OpenVPN

  0  
  0  
#16
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-17 17:41:02 - last edited 2024-07-20 00:37:30

@ZCoupon

Hello if just adding

tls-cipher vpn

client asking at least 1 argument

if adding tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA

also error. i changed to TCP. any more idea ?

 

**** solution

in advanced setting

Sec level - lagacy

Tlc 1.3 - off

after this works fine 

Udp also works 

 

  0  
  0  
#17
Options
Re:openVPN generated incorrect certs generated, key too small
a week ago

  @Sunshine Is there any solution for this error? Neither of the workaround worked for me on ios openvpn app, so it seems on ios your vpn doesn't work.

 

Thank you

BR

Miklos

  0  
  0  
#18
Options
Re:openVPN generated incorrect certs generated, key too small
Tuesday

Still looking for a solution for iOS—can anyone assist with this?

  0  
  0  
#19
Options
Re:openVPN generated incorrect certs generated, key too small-Solution
Tuesday - last edited Tuesday

@DerekLee  @DerekLee 

 

Thank you both for following up on this thread.

 

If both of your iOS devices fail to connect to the OpenVPN Server of the TP-Link router, please try modifying the settings on the OpenVPN Client app as follows, then let me know if it works:

Open the OpenVPN Connect client > Click the three-line symbol in the upper left corner > Settings > Slide to the bottom to find the Advanced Settings > Set Security Level to Legacy

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer AX55V2 Supports WireGuard VPN, EasyMesh Ethernet Backhaul, IoT Network, Speed Limit,and More If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
Recommended Solution
  0  
  0  
#20
Options
Re:openVPN generated incorrect certs generated, key too small
Tuesday

  @Kevin_Z Hi, thank you for your help; it's working now!

  1  
  1  
#21
Options