Skip to content
Two Log Warnings
Got a problem with Viscosity or need help? Ask here!
Hi,
Things seem to be working fine with Viscosity, but I am consistently getting 2 warnings for every session . . .
The first warning is:
WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
But then the next line is:
Control Channel Authentication: using 'C:\Program Files\Common Files\Viscosity\OpenVPNConfig\#########\ta.key' as a OpenVPN static key file
Is this warning an artifact on how my VPN provider connects to OpenVPN?
Is there anything I need to do to correct this?
The second warning is:
WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this.
I don't see where to change this option in Viscosity. Is this important to address?
Thanks,
jdk
Things seem to be working fine with Viscosity, but I am consistently getting 2 warnings for every session . . .
The first warning is:
WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
But then the next line is:
Control Channel Authentication: using 'C:\Program Files\Common Files\Viscosity\OpenVPNConfig\#########\ta.key' as a OpenVPN static key file
Is this warning an artifact on how my VPN provider connects to OpenVPN?
Is there anything I need to do to correct this?
The second warning is:
WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this.
I don't see where to change this option in Viscosity. Is this important to address?
Thanks,
jdk
Hi JDK-1,
The link in the first warning explains what that is about, it is not related to TLS-Auth. You can specify an option that sets the name of the server certificate that should be expected to add another layer of security.
As for the second warning, unless you are worried someone might have access to your PC while you are connecting, and they also have access to get a memory dump, this isn't one to worry about much, but here is some more information which can be added as an advanced command - http://sparklabs.com/support/kb/article ... th-nocache
Regards,
Eric
The link in the first warning explains what that is about, it is not related to TLS-Auth. You can specify an option that sets the name of the server certificate that should be expected to add another layer of security.
As for the second warning, unless you are worried someone might have access to your PC while you are connecting, and they also have access to get a memory dump, this isn't one to worry about much, but here is some more information which can be added as an advanced command - http://sparklabs.com/support/kb/article ... th-nocache
Regards,
Eric
Eric Thorpe
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts
Page 1 of 1