Page 1 of 1

VPNGATE UK servers

Posted: Fri Apr 10, 2020 1:37 pm
by artisticforge
Hello

I have been running openvpn with various verbose levels to determine what is the "health" of the UK VPNGATE servers.

Of the 222 vpngate uk servers that I know of, there are 121 unique ipv4 addresses.
Of the 121 unique ipv4 addresses 16 hosts respond to connection attempts
They all fail with the same error:
Apr 10 02:20:06 2020 us=446349 VERIFY ERROR: depth=2, error=self signed certificate in certificate chain: \
C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
Apr 10 02:20:06 2020 us=446594 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Apr 10 02:20:06 2020 us=446684 TLS_ERROR: BIO read tls_read_plaintext error
Apr 10 02:20:06 2020 us=446764 TLS Error: TLS object -> incoming plaintext read error
Apr 10 02:20:06 2020 us=446840 TLS Error: TLS handshake failed

None of the 222 vpngate UK ovpn files that I have, have a certificate from USERTrust RSA Certification Authority.
They all use COMODO RSA Certification Authority
They all use the same certificate.
I used the below command line to determine that.
for ovpn in vpngate_vpn[[:digit:]{9}]*ovpn vpngate-deferred.dir/vpngate_vpn[[:digit:]{9}]*ovpn
do echo -n "${ovpn} "; openssl x509 -in ${ovpn} -text | md5sum --; done | less -S

The UK Hosts which do respond have had their certificates changed.

Given other errors that I have seen, which required that I use the "float" option of openvpn,
it is entirely possible that these vpngate hosts are being proxy by either a Korean or Japanese vpngate host.

The one UK host which I number as 119, was connecting to a Korean ipv4 address even that the original ipv4 address was one for the UK.

The question that I now have is "Who actually controls the vpngate servers?"

I may have to download the vpngate server software and run one to find out.