Mitigation, can use the "tls-remote" property, set on the UI via
"Advanced -> TLS Authentication -> Subject match" to the X509 name on
the server's local certificate used for TLS authentication.
e.g.
"/C=NA/ST=None/L=None/O=Mullvad/CN=m3.mullvad.net/emailAddress=i...@mullvad.net"
To get this value,
1. export the VPN config (after adding a dummy value in above field)
2. edit file generated to remove the user and group lines and add a line "verb
3"
3. run from command line
openvpn --config <filename>
4. From the output pick out the expected value (example above) where it shows
an error
Limitation: If your VPN service has mutiple servers (resolved via DNS)
this will only work for one of them at a time.
Shreepad
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/593087
Title:
missing remote-cert-tls server on client
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/593087/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
