NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

pyrmont's avatar
pyrmont
Guide
Feb 22, 2018
Solved

MD5-Signed Certificate Warning with OpenVPN on iOS

As of version 1.2.8 of the OpenVPN app on iOS, OpenVPN issues the following warning: > WARN TLS: received certificate signed with MD5. > Please inform your admin to upgrade to a > stronger algori...
Firmware
iOS
Not resolved
openvpn
Security
VPN
  • Diggie3's avatar
    Diggie3
    Mar 01, 2018

    FYI, I documented the steps to required to replace the certificates here. Unfortunately it the steps are written for users of Windows, but it also uses mostly cross-platform OpenSource tools and explains what's going on so I think it should be pretty translatable if you don't have access to any Windows boxes.

     

    Just posting this so you have at least one go-forward path.

     

JZDallas's avatar
JZDallas
Aspirant
May 15, 2018

Wow, some people here are just whinning to much. Netgear support said that they are working on a fix. It is in Beta testing right now. I assume you would want a fix that is working and does not have bugs in it. Also, it was stated earlier that the date OpenVPN was saying is not a hard date. It was a soft date. You can still use the app and connect to your home router. As for the person that said he would be taking his back to Costo, and buying a Cisco one. I did a Cisco router, and the first chance it was hit with a surge, the router died. It was connected to a surge protector, and when I bought the Netgear and still was hit, the Netgear router still turned back on and is still kicking. 

So I would say, that I have Netgear's back. If you don't like the product, just take it back and get your money or go somewhere else. Also, the person that said that only one router is updated with the fix and what about the little people with other routers, I have a Nighthawk R8500 and I don't have the fix yet. But I am not complaining......

tonyGaspro's avatar
tonyGaspro
Guide
May 15, 2018

Sounds like you just don't take security as seriously as others, which is fine. Some folks really won't lose anything in the event of a data breach, or don't really care. Sounds like that may be you.

 

But when you buy a device for its security features, and the vendor refuses to implement a fix on time to responding to things such as expring security certificates it's a serious problem.