Home Network Community > Wi-Fi Routers > openVPN generated incorrect certs generated, key too small
< Wi-Fi Routers

openVPN generated incorrect certs generated, key too small

12

openVPN generated incorrect certs generated, key too small

16 Reply
Re:openVPN generated incorrect certs generated, key too small
2024-03-29 01:32:10

  @Callum_1 

 

Hi, please refer to Case 1 in this thread to troubleshoot first: VPN Server Is Not Working Properly on TP-Link Wi-Fi Routers

 

If it doesn't resolve the issue, please provide the required information for further follow-up.

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer BE550 New Software Enhances System Stability and Optimizes MLO Network Stability. TL-WA3001 Supports EasyMesh, Speed Limit, Guest Network in AP Mode and/or Multi-SSID Mode. If you found the post or response helpful, please click Helpful. If an answer solves your problem, click "Recommended Solution" so that others can benefit from it.
  0  
  0  
#12
Options
Re:openVPN generated incorrect certs generated, key too small
2024-06-08 19:31:52

@Sunshine Adding the `tls-cipher` setting to the OpenVPN config and switching the transport method from UDP->TCP fixed it.

  0  
  0  
#13
Options
Re:openVPN generated incorrect certs generated, key too small
2024-06-19 13:32:41

  @pepicheck 

Thank you for the two workarounds. Changing the Legacy settings worked and I'll be trying the second option shortly. This thing was driving me crazy since my Windows client connected fine but Android was being a pain.

 

Big thanks.

  0  
  0  
#14
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-12 17:43:13
Hello, Unfortunately, this didnt work for me. I tried: 1. add the "tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA" below the existing "cipher AES-123-CBC" 2. replace the "cipher AES-123-CBC" with the "tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA" Still no luck! I am accessing the router (Archer AX20 v1.0 with 1.3.8 Build 20230830 rel.19767(4555) ) via my classic PC with Win10 to configure it and I am testing the VPN on my Dell Laptop with Win11 and latest OpenVPN client v3, connected via phone hotspot. Any other suggestions?? Thank you! Regards
  0  
  0  
#15
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-14 05:56:18

  @GeorgettaCZ For Windows, there is no need to tweak a profile, use the OpenVPN comunity https://openvpn.net/community-downloads/ and make sure, the laptop is not on your home network. OR mobile phone. Not on same network like the router. Connect to mobile hotspot, mobile data plan, and then connect to OpenVPN

  0  
  0  
#16
Options
Re:openVPN generated incorrect certs generated, key too small
2024-07-17 17:41:02 - last edited 2024-07-20 00:37:30

@ZCoupon

Hello if just adding

tls-cipher vpn

client asking at least 1 argument

if adding tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA

also error. i changed to TCP. any more idea ?

 

**** solution

in advanced setting

Sec level - lagacy

Tlc 1.3 - off

after this works fine 

Udp also works 

 

  0  
  0  
#17
Options
12
Related Articles
 OpenVPN Generated Key too small
669 0
Connection to the secondary network generated by TL-WA850RE range extender fails.
759 0
 Set-up Open-VPN Server on Archer C7 - Client unable to connect using generated certificate
1226 0
 I am getting "The key may be incorrect" when key is correct
397 0
 'The key may be incorrect' error message when key is correct?
2609 0
 Impossible to connect to the secondary network generated by N-300 configured via WPS button
408 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.