Resolving OpenVPN® MD5 certificate problems

Article #: Product: Castle:
  Guardian All

Summary:

OpenVPN® MD5 signed certificates support will be ending in May of 2018. Currently, the Certificate Authority for the VPN module is still signed using MD5. For further details see: https://docs.openvpn.net/planned-removal-of-md5-support/

Problem:

OpenVPN® proposed ending of MD5 signed certificate support may impact some devices. It is likely that, following the end of MD5 signed certificates support for Windows 10, iPads, Android, and Apple Mac devices will have connection issues.

Solution:

To resolve potential Windows 10, iPads, Android, and Apple Mac connection issues, following the end of MD5 signed certificates support, you will need to create and export a compatible Certificate Authority certificate. Once exported, the Certificate Authority file can be imported and assigned as the global VPN certificate. The Certificate Authority file can then be pushed to the impacted devices.

The following steps guide through this process:

Attribution:

Last updated: Author: Contributions by:
5th March 2018 Jason Holdstock