gluetun: Bug: Perfect Privacy "Your Certificate has expired"

Is this urgent?

Yes

Host OS

Debian Bullseye (OpenMediaVault)

CPU arch

x86_64

VPN service provider

Custom

What are you using to run the container

Portainer

What is the version of Gluetun

2023-04-12T12:34:51.538Z (commit d4f8eea)

What’s the problem πŸ€”

No VPN Connection

Share your logs

2023-04-17T20:22:42+02:00 INFO [openvpn] library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
2023-04-17T20:22:42+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2023-04-17T20:22:42+02:00 WARN [openvpn] Your certificate has expired!
2023-04-17T20:22:42+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]*.*.*.*:443
2023-04-17T20:22:42+02:00 INFO [openvpn] UDP link local: (not bound)
2023-04-17T20:22:42+02:00 INFO [openvpn] UDP link remote: [AF_INET]*.*.*.*:443
2023-04-17T20:22:48+02:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun/wiki/Healthcheck)
2023-04-17T20:22:48+02:00 INFO [vpn] stopping
2023-04-17T20:22:48+02:00 INFO [vpn] starting

Share your configuration

gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8080:8080
    volumes:
      - /root/glue:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=perfect privacy
      - VPN_TYPE=openvpn
      - OPENVPN_USER=USERNAME
      - OPENVPN_PASSWORD=PASSWORD
      - SERVER_CITIES=CITY
      - TZ=TZ
    restart: unless-stopped

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Reactions: 4
  • Comments: 21 (8 by maintainers)

Most upvoted comments

Thanks @Thamos88 ! πŸ‘

I’ll do a v3.33.1 bugfix release soon-ish with those new values.

+6
qdm12 on Apr 23, 2023

You can build in the meantime the container from my forked repo until the pr got merged. Work fine for me.

Or use my container 15ky3/gluetun:latest

+3
15ky3 on Apr 28, 2023

This seems to be happening to all Perfect Privacy locations (that I have tried), and also happens when I use a custom .ovpn configuration.

Problem began at 2:20am 17/04/23 for me.

I have other active connections to Perfect Privacy servers from other devices, and they are not affected.

+2
mondoduke on Apr 18, 2023

Or use my container 15ky3/gluetun:latest

works like a charm… big thx!

+1
olvier on Apr 28, 2023

Would share my credentials to @qdm12, again, if needed.

+1
olvier on Apr 19, 2023

I’m also using Perfect Privacy, and started seeing similar logs as in #1528 today.
After a friend, who also uses Perfect Privacy + Gluetun, reported similar issues to me.

πŸš’πŸš’πŸš’πŸš’πŸš’πŸš¨πŸš¨πŸš¨πŸš¨πŸš¨πŸš¨πŸš’πŸš’πŸš’πŸš’πŸš’
That error usually happens because either:
1. The VPN server IP address you are trying to connect to is no longer valid πŸ”Œ
Update your server information using https://github.com/qdm12/gluetun/wiki/Updating-Servers
2. The VPN server crashed πŸ’₯, try changing your VPN servers filtering options such as SERVER_REGIONS
3. Your Internet connection is not working 🀯, ensure it works
4. Something else ➑️ https://github.com/qdm12/gluetun/issues/new/choose

2023-04-17T21:48:07+02:00 INFO [openvpn] TLS Error: TLS handshake failed
2023-04-17T21:48:07+02:00 INFO [openvpn] SIGTERM received, sending exit notification to peer
2023-04-17T21:48:07+02:00 INFO [openvpn] SIGTERM[soft,tls-error] received, process exiting
2023-04-17T21:48:07+02:00 INFO [vpn] retrying in 15s
2023-04-17T21:48:22+02:00 INFO [firewall] allowing VPN connection...
2023-04-17T21:48:22+02:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022
2023-04-17T21:48:22+02:00 INFO [openvpn] library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
2023-04-17T21:48:22+02:00 WARN [openvpn] No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2023-04-17T21:48:22+02:00 WARN [openvpn] Your certificate has expired!
2023-04-17T21:48:22+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]149.202.77.77:443
2023-04-17T21:48:22+02:00 INFO [openvpn] UDP link local: (not bound)
2023-04-17T21:48:22+02:00 INFO [openvpn] UDP link remote: [AF_INET]149.202.77.77:443
2023-04-17T21:49:22+02:00 WARN [openvpn] TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

FYI:

  • Not sure if it should, but ifconfig | grep tun returns nothing.
  • Non Gluetun Perfect Privacy connections (e.g. Desktop / Android), work without any problems.
+1
Rikj000 on Apr 19, 2023
Read more comments on GitHub
← gluetun: Bug: Nordvpn problems using gluetun
gluetun: Bug: PIA `/getSignature` `x509: certificate signed by unknown authority` →