summaryrefslogtreecommitdiff
path: root/main/src/main/res/values/strings.xml
diff options
context:
space:
mode:
Diffstat (limited to 'main/src/main/res/values/strings.xml')
-rwxr-xr-xmain/src/main/res/values/strings.xml2
1 files changed, 2 insertions, 0 deletions
diff --git a/main/src/main/res/values/strings.xml b/main/src/main/res/values/strings.xml
index 9054d3cd..61cf4700 100755
--- a/main/src/main/res/values/strings.xml
+++ b/main/src/main/res/values/strings.xml
@@ -376,5 +376,7 @@
<string name="ab_vpn_reachability_44_title">Remote networks not reachable</string>
<string name="ab_persist_tun_title">Persist tun mode</string>
<string name="version_and_later">%s and later</string>
+ <string name="tls_cipher_alert_title">Connections fails with SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
+ <string name="tls_cipher_alert">Newer OpenVPN for Android versions (0.6.29/March 2015) use a more secure default for the allowed cipher suites (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Unfortunately, omitting the less secure cipher suites and export cipher suites, especially the omission of cipher suites that do not support Perfect Forward Secrecy (Diffie-Hellman) causes some problems. This usually caused by an well-intentioned but poorly executed attempts to strengthen TLS security by setting tls-cipher on the server.\nTo solve this problem the problem, set the tls-cipher settings on the server to reasonable default like tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". To work around the problem on the client add the custom option tls-cipher DEFAULT on the Android client.</string>
</resources>
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 04:44:17 +0000