Dynamic DNS error message related to server certificates

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
lylinformatica
Posts: 8
Joined: Sun Jul 01, 2018 9:10 am

Dynamic DNS error message related to server certificates

Post by lylinformatica » Mon Dec 17, 2018 6:50 pm

Hello:

First of all, I've not found a similar problem in the forum, but if someone find something similar, please make me know.
Second, excuse my poor english.
Third, the problem is that I've this error messaje in the Dynamic DNS Function windows of one of my VPN servers (see attached file).
error dynamiic dns vpn.PNG
The full text says:
"Unable to trust the certificate provided by the destination server. The setting to always verify the server certificate is enabled in the VPN Connection Settings. Either register a root certificate that can be trusted or register a individual certificate."

The xxxxxxxxxx.vpnazure.net works well (slow), but the xxxxxxxxx.softether.net do not work at all.
Public iP from WAN side is OK.

Any clue....

Thanks a lot.
You do not have the required permissions to view the files attached to this post.

davidebeatrici
Posts: 33
Joined: Tue Aug 28, 2018 6:44 am

Re: Dynamic DNS error message related to server certificates

Post by davidebeatrici » Mon Dec 17, 2018 11:26 pm

Hello,

It's possible that your network's gateway is acting as a MiTM SSL proxy.

Are you the owner of the network?

Best regards,
Davide

lylinformatica
Posts: 8
Joined: Sun Jul 01, 2018 9:10 am

Re: Dynamic DNS error message related to server certificates

Post by lylinformatica » Tue Dec 18, 2018 9:43 am

Hi,
I don't know for sure, but I don't think so.
I'll check that in the firewall.

Thanks.

lylinformatica
Posts: 8
Joined: Sun Jul 01, 2018 9:10 am

Re: Dynamic DNS error message related to server certificates

Post by lylinformatica » Tue Dec 18, 2018 3:44 pm

Hello:
Nothing leads to a problem with an SSL Proxy that don't seem to exist.

The message says that there are untrusted certificates that dont allow to register the VPN server in Dynamic DNS service...

Any help?

lylinformatica
Posts: 8
Joined: Sun Jul 01, 2018 9:10 am

Re: Dynamic DNS error message related to server certificates

Post by lylinformatica » Tue Dec 18, 2018 4:24 pm

Hello everyone:

More info for diagnostics...

Usin the public WAN ip WORKS!

Also using a no-ip.com domain (that points to public WAN ip).

But Dynamic DNS service from softether do not.

Thanks

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Dynamic DNS error message related to server certificates

Post by thisjun » Thu Jan 24, 2019 6:24 am

Nothing leads to a problem with an SSL Proxy that don't seem to exist.
The DDNS service registry work on HTTPS.
So, if there is MITM, DNS registry fails.

Post Reply