Not a bug: PP renewed certificates without SANs?

HopOnHopOff

Freshly Joined Member
My phone can no longer connect to the VPN. I don't use this device often (I think I haven't used it this year until now), and I have always on VPN enabled, this means I cannot update the application without having an active connection first.

When I check the logs after failed connectivity for any location, I get the following:

"received end entity cert, C=.. O=.., CN=oslo1.perfect-privacy.com"
certificate valid until august
"subject certificate invalid, no trusted RSA pub key found for oslo.perfect-privacy.com"

It's very likely that you have renewed these certificates recently this year without keeping the Subject Alternative Name fields.
I see you rotate them every 3 months, so the issue may even be older than 3 months, since I couldn't find a location with an older certificate, that would maybe be accepted by my device.

I'm using a One Plus 7 Pro with Oxygen OS, so this is concerning the Android application.
 
Back
Top