diff options
Diffstat (limited to 'main/src/main/res/values/strings.xml')
| -rwxr-xr-x | main/src/main/res/values/strings.xml | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/main/src/main/res/values/strings.xml b/main/src/main/res/values/strings.xml index cbd9c06b..c63ec601 100755 --- a/main/src/main/res/values/strings.xml +++ b/main/src/main/res/values/strings.xml @@ -436,8 +436,9 @@ <string name="kbits_per_second">%.1f kbit/s</string> <string name="mbits_per_second">%.1f Mbit/s</string> <string name="gbits_per_second">%.1f Gbit/s</string> + <string name="weakmd"><p>Starting with OpenSSL version 1.1, OpenSSL rejects weak signatures in certificates like MD5.</p><p><b>MD5 signatures are insecure and should not be used anymore.</b> MD5 collisions can be created in <a href="https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html">few hours at a minimal cost.</a>. You should update the VPN certificates as soon as possible.</p><p>Unfortunately, older easy-rsa distributions included the config option "default_md md5". If you are using an old easy-rsa version, update to the <a href="https://github.com/OpenVPN/easy-rsa/releases">latest version</a>) or change md5 to sha256 and regenerate your certificates.</p><p>If you really want to use old and broken certificates use the custom configuration option tls-cipher "DEFAULT:@SECLEVEL=0" under advanced configuration or as additional line in your imported configuration</p></string> - <string name="volume_byte">%.0f B</string> +<string name="volume_byte">%.0f B</string> <string name="volume_kbyte">%.1f kB</string> <string name="volume_mbyte">%.1f MB</string> <string name="volume_gbyte">%.1f GB</string> @@ -445,5 +446,6 @@ <string name="channel_description_background">Ongoing statistics of the established OpenVPN connection</string> <string name="channel_name_status">Connection status change</string> <string name="channel_description_status">Status changes of the OpenVPN connection (Connecting, authenticating,…)</string> + <string name="weakmd_title">Weak (MD5) hashes in certificate signature (SSL_CTX_use_certificate md too weak)</string> </resources> |