NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
MD5-Signed Certificate Warning with OpenVPN on iOS
As of version 1.2.8 of the OpenVPN app on iOS, OpenVPN issues the following warning: > WARN TLS: received certificate signed with MD5. > Please inform your admin to upgrade to a > stronger algori...
FYI, I documented the steps to required to replace the certificates here. Unfortunately it the steps are written for users of Windows, but it also uses mostly cross-platform OpenSource tools and explains what's going on so I think it should be pretty translatable if you don't have access to any Windows boxes.
Just posting this so you have at least one go-forward path.
I have the same isssue. MD5 warning when connecting to the VPN on an iOS device.
Netgear are you looking at this issue? It won't work anymore from 30th of april 2018.
axelsegerswrote:I have the same isssue. MD5 warning when connecting to the VPN on an iOS device.
Current firmware version on your R8900 / Nighthawk X10?
axelsegers wrote:Netgear are you looking at this issue? It won't work anymore from 30th of april 2018.
A Netgear moderator has already answered a few replies before -> JamesGL in port #6.
Hasn't this been solved by the latest 1.0.2.46 firmware? Haven't installed it yet, but the changelog does say:
New Features and Enhancements: Supports the VPN client feature.
And this would suggest a fix in the VPN department. Don't want to install unless this is the case though, all is running well at the moment (at least until end of April haha).
- I'm not sure what this is referring to but as far as I can tell, it's only in the firmware for the R7800. The latest firmware for the R7000 at the time of writing is 1.0.9.26 and it doesn't contain this fix at all.
Ah well, I'll flash the dang thing tonight then, and see if it'll get rid of the MD5 warning issued by OpenVPN.
martijn76wrote:Hasn't this been solved by the latest 1.0.2.46 firmware? Haven't installed it yet, but the changelog does say:
New Features and Enhancements: Supports the VPN client feature.
And this would suggest a fix in the VPN department.
This "VPN Client" is a new feature for your router model: It does allow to initialise a VPN connection from the router ie. to your office or to a hide-my-a** VPN server.
- It's probably best for end users if the generation is supported on the device directly, but could be accelerated by genie if it was available. It's the dh-param that is slow and in fact worst case they could keep the one the unit shipped with, even though it's too short IMO, and at least regenerate certificates that didn't have md5 digests. This would be a fairly fast operation.
However, if I was in the web interface and it said, "Are you sure you want to continue? Generating new certificates and parameters could take up to an hour and router performance may be slower during that time", I would be fine with it. Who wouldn't rather do that than pull out a laptop and do it all manually? Just run it before bed.
