Bug: VPN Unlimited TLS_ERROR

[CorentinWicht]

Is this urgent?

Yes

Host OS

Ubuntu

CPU arch

x86_64

VPN service provider

VPNUnlimited

What are you using to run the container

Portainer

What is the version of Gluetun

2025-01-22T08:30:14.628Z (2.29.2)

What's the problem 🤔

Dear Support Team,

Since this morning, Portainer is indicating that my Gluetun container is unhealthy (see log below) while it's been working perfectly fine for over 1 year.

Any idea what could be going wrong ?
I suspect that my VPN provider, VPN Unlimited, updated their SSL certificate and this might be causing the issue .. If yes, then what should I do?

Best,

Corentin W.

Share your logs (at least 10 lines)

025-04-01T14:34:05+02:00 INFO [firewall] allowing VPN connection...
2025-04-01T14:34:06+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2025-04-01T14:34:06+02:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2025-04-01T14:34:06+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]62.210.204.161:1197
2025-04-01T14:34:06+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2025-04-01T14:34:06+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]62.210.204.161:1197
2025-04-01T14:34:06+02:00 INFO [openvpn] VERIFY ERROR: depth=2, error=self-signed certificate in certificate chain: C=US, ST=NY, L=New York, O=KeepSolid Inc., OU=KeepSolid VPN Root CA, CN=KeepSolid VPN Root CA, [email protected], serial=590830292952905902500539248317331898854520058318
2025-04-01T14:34:06+02:00 INFO [openvpn] OpenSSL: error:0A000086:SSL routines::certificate verify failed:
2025-04-01T14:34:06+02:00 INFO [openvpn] TLS_ERROR: BIO read tls_read_plaintext error
2025-04-01T14:34:06+02:00 INFO [openvpn] TLS Error: TLS object -> incoming plaintext read error
2025-04-01T14:34:06+02:00 INFO [openvpn] TLS Error: TLS handshake failed
2025-04-01T14:34:06+02:00 INFO [openvpn] SIGTERM received, sending exit notification to peer
2025-04-01T14:34:06+02:00 INFO [openvpn] SIGTERM[soft,tls-error] received, process exiting
2025-04-01T14:34:06+02:00 INFO [vpn] retrying in 15s

Share your configuration

networks:
  mediaserver:
    external: true
    name: "mediaserver"

services:
  gluetun:
    cap_add:
      - "NET_ADMIN"
    container_name: "gluetun"
    devices:
      - "/dev/net/tun:/dev/net/tun"
    environment:
      - "VPN_SERVICE_PROVIDER=vpn unlimited"
      - "OPENVPN_USER=KS2-XXX"
      - "OPENVPN_PASSWORD=XXX"
      - "SERVER_COUNTRIES=France"
      - "TZ=Europe/Zurich"
    image: "qmcgaw/gluetun:latest"
    networks:
      - "mediaserver"
    ports:
      - "8388:8388/tcp"
      - "8388:8388/udp"
      - "8888:8888/tcp"
      - "8090:8090/tcp"
      - "6887:6887/tcp"
      - "6887:6887/udp"
    restart: "unless-stopped"
    volumes:
      - "/home/Docker/appdata/Gluetun:/gluetun"

  qbittorrent:
    image: linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=1000
      - PGID=1000
      - TZ="TZ=Europe/Zurich"
      - WEBUI_PORT=8090 
      - TORRENTING_PORT=6887 
    volumes:
      - /home/Docker/appdata/Qbittorrent:/config
      - /media/PlexData/Downloads:/downloads
    network_mode: "service:gluetun"
    restart: "unless-stopped"

[github-actions]

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

• do not ask for updates, be patient
• 👍 the issue to show your support instead of commenting
  @qdm12 usually checks issues at least once a week, if this is a new urgent bug,
  revert to an older tagged container image

[CorentinWicht]

My bad, this is a duplicate of: #2760

[github-actions]

Closed issues are NOT monitored, so commenting here is likely to be not seen.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor issues closed.