timdoug's tidbits


2014-05-30

Using TLS v1.2 with OpenVPN 2.3.4

TLS v1.2 is disabled by default, and if you add e.g. tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 (a TLS v1.2 cipher) to your server config it silently breaks. The solution is to add tls-version-min 1.2 to both the server and client config, and then it works like a charm. OpenVPN 2.3.3 added support for v1.2, so this won't work with anything older than 2.3.3.
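Because the failure is silent, a pre-deployment check on both configs helps. The following is an added example, not code from the original post or from OpenVPN: it flags a server/client pair where a TLS v1.2 suite is requested but tls-version-min 1.2 is missing on either end. The GCM/SHA256/SHA384 name match is a heuristic assumed here, and the sample configs are constructed.

```python
import re

# Assumption of this example: suites that need TLS v1.2 use AEAD (GCM) or a
# SHA256/SHA384 MAC, so their names contain one of these tokens.
TLS12_ONLY = re.compile(r"GCM|SHA256|SHA384")


def parse_directives(conf_text):
    """Map each OpenVPN directive to its argument list (last occurrence wins)."""
    directives = {}
    for raw in conf_text.splitlines():
        line = re.split(r"[#;]", raw, maxsplit=1)[0].strip()  # strip comments
        if line:
            name, *args = line.split()
            directives[name] = args
    return directives


def tls12_suites(directives):
    """Return the tls-cipher entries that look like TLS v1.2 suites."""
    listed = ":".join(directives.get("tls-cipher", [])).split(":")
    return [c for c in listed if TLS12_ONLY.search(c)]


def check_pair(server_text, client_text):
    """Return (side, finding) tuples; the post needs the directive on both ends."""
    server, client = parse_directives(server_text), parse_directives(client_text)
    if not (tls12_suites(server) + tls12_suites(client)):
        return []  # no TLS v1.2 suite requested, nothing to enforce
    findings = []
    for side, d in (("server", server), ("client", client)):
        vmin = d.get("tls-version-min")
        if not vmin:
            findings.append((side, "tls-version-min is not set"))
        elif tuple(map(int, vmin[0].split("."))) < (1, 2):
            findings.append((side, "tls-version-min is %s; the post's fix uses 1.2" % vmin[0]))
    return findings


# Constructed sample configs (not from the post): the client lacks the directive.
SERVER = """
port 1194
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
tls-version-min 1.2   # added per the post
"""
CLIENT = "client\n;tls-version-min 1.2\nremote vpn.example.test 1194\n"

if __name__ == "__main__":
    for side, finding in check_pair(SERVER, CLIENT):
        print(side + ": " + finding)
```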



© 2006-24 timdoug | email: "me" at this domain