Package: openvpn Version: 2.4.4-2 Severity: important Hi,
I have a PKI generated using certtool from the gnutls package. It's been working fine with OpenVPN for years, up to with version 2.4.4-1. With 2.4.4-2, it no longer does; the client complains that: 2017-12-28 10:19:51.581535500 Thu Dec 28 10:19:51 2017 us=581446 TLS: Initial packet from [AF_INET]**.**.**.**:5000, sid=2b216141 7850038f 2017-12-28 10:19:51.615926500 Thu Dec 28 10:19:51 2017 us=615841 VERIFY ERROR: depth=1, error=unsupported certificate purpose: CN=Certificate Authority, DC=**, DC=** 2017-12-28 10:19:51.615980500 Thu Dec 28 10:19:51 2017 us=615952 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed 2017-12-28 10:19:51.616033500 Thu Dec 28 10:19:51 2017 us=615975 TLS_ERROR: BIO read tls_read_plaintext error 2017-12-28 10:19:51.616080500 Thu Dec 28 10:19:51 2017 us=616005 TLS Error: TLS object -> incoming plaintext read error 2017-12-28 10:19:51.616097500 Thu Dec 28 10:19:51 2017 us=616018 TLS Error: TLS handshake failed The CA cert it complains about looks like this: Certificate: Data: Version: 3 (0x2) Serial Number: **:**:**:**:**:**:**:**:**:**:**:** Signature Algorithm: ecdsa-with-SHA512 Issuer: CN = Certificate Authority, DC = **, DC = ** Validity Not Before: Jul 8 14:37:07 2014 GMT Not After : Jul 5 14:37:07 2029 GMT Subject: CN = Certificate Authority, DC = **, DC = ** Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) pub: [redacted] ASN1 OID: secp521r1 NIST CURVE: P-521 X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Extended Key Usage: OCSP Signing Authority Information Access: OCSP - URI:http://... CA Issuers - URI:http://... X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Subject Key Identifier: **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:** X509v3 CRL Distribution Points: Full Name: URI:http://... Signature Algorithm: ecdsa-with-SHA512 Even if there were something technically wrong with this CA cert, just breaking openvpn doesn't strike me as appropriate. There should be a way to turn whatever new check libssl1.1 implements off; also, the error message should indicate more clearly what the problem with the certificate is. Justification for important severity: completely breaks the package for some users. Incidentally, the bug referenced in the Debian changelog entry for 2.4.4-2 seems to be unrelated: * Build against OpenSSL 1.1.0 (Closes: #828447) Best regards, AndrĂ¡s -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (350, 'unstable'), (350, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.45-vs2.3.8.5.3+zfs20171023 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: runit -- His conscience is clean - he's never used it.