If you are facing a failed TLS handshake on your PC while trying to set up “OpenVPN”, this guide will help you. We’ll discuss why this issue arises and the various ways you can solve it. Let’s take a look at what the error message looks like:
“Sun May 13 19:39:51 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun May 13 19:39:51 2018 TLS Error: TLS handshake failed”
What is OpenVPN?
It is open-source software that implements virtual private network (VPN) techniques for creating site-to-site or point-to-point connections in bridged configurations. The best part is that you can use it for free. Since cyber-attacks are more common now, most people are showing interest in “Virtual Private Networks (VPN)” for digital privacy. The only drawback is that it will lessen your connection speed while you are using it.
Apart from that, it is too complicated to be used by beginners, and business proxies can easily block it. It is important to note that OpenVPN doesn’t add any software to your PC. Rather, it is just an encryption protocol for connecting to the VPN, and it’s up to you to decide how to configure it for your server.
What is “TLS handshake failed issue” and how does it occur?
A simple “TLS error” occurs when you try to connect to “OpenVPN”, and you will see this message on Mac, Android, iOS, Windows, and Linux-based devices. The word “handshake” means the negotiation between the two ends. It is similar to two people who meet for a purpose and shake hands before doing anything else. Here, the negotiation between the two servers is termed the “handshake”.
Apart from that, “Transport Layer Security (TLS)” is used every time you access a site or app over HTTPS. Put simply, HTTPS is an implementation of “TLS Encryption”. The “TLS Handshake Failed Issue” is one of the most common issues, and it usually occurs when “Windows Firewall” blocks access for “openvpn.exe”. Here’s what the issue looks like:
“TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)”.
What are the Reasons behind “TLS handshake failed issue”?
There are multiple reasons behind the “TLS handshake failed issue”. Let’s take a look at a few of them.
- The client configuration file doesn’t contain the correct server address. The remote directive in that configuration must point at the server or at its IP address.
- A perimeter firewall is filtering the OpenVPN packets (OpenVPN uses TCP or UDP by default). Windows Firewall may also block access for the “openvpn.exe” binary.
Let’s take a look at how you can resolve the “TLS handshake failed issue”.
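The two causes above can be checked from the client side before touching any firewall. The following is an added example, not code from the original article or from the OpenVPN project: it reads the `remote`, `port` and `proto` directives of a client config and, when the log shows the key-negotiation timeout, reports which server address to fix and which protocol/port every firewall on the path must allow. The host name `vpn.example.net` and the sample config are constructed; 1194 and `udp` are OpenVPN's defaults when a config sets neither.

```python
import ipaddress
import re

DEFAULT_PORT, DEFAULT_PROTO = 1194, "udp"  # OpenVPN defaults when not set
TLS_TIMEOUT = re.compile(r"TLS Error: TLS key negotiation failed to occur within \d+ seconds")
# Constructed client config (hypothetical host); the log lines are those quoted on this page
SAMPLE_CONFIG = """\
client
proto udp
remote 127.0.0.1        # constructed mistake: loopback, not the server
;remote vpn.example.net 443 tcp
remote vpn.example.net 1195
"""
SAMPLE_LOG = """\
Sun May 13 19:39:51 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun May 13 19:39:51 2018 TLS Error: TLS handshake failed
"""

def parse_remotes(config_text):
    """Return [(host, port, proto)]; values on a remote line override port/proto."""
    port, proto, raw = DEFAULT_PORT, DEFAULT_PROTO, []
    for line in config_text.splitlines():
        words = re.split(r"[#;]", line, maxsplit=1)[0].split()  # drop comments
        if len(words) < 2:
            continue
        if words[0] == "port":
            port = int(words[1])
        elif words[0] == "proto":
            proto = words[1]
        elif words[0] == "remote":
            raw.append(words[1:])
    return [(r[0], int(r[1]) if len(r) > 1 else port, r[2] if len(r) > 2 else proto) for r in raw]

def diagnose(config_text, log_text):
    """Map the handshake timeout in the log to checks against the client config."""
    if not TLS_TIMEOUT.search(log_text):
        return []
    remotes = parse_remotes(config_text)
    findings = [] if remotes else ["no remote directive: client has no server address"]
    for host, port, proto in remotes:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            ip = None  # a hostname, not a literal IP
        if ip and (ip.is_loopback or ip.is_unspecified):
            findings.append(f"fix remote: {host} is not the server's address")
        else:
            transport = "tcp" if proto.startswith("tcp") else "udp"
            findings.append(f"check firewalls: {transport}/{port} to {host} must be allowed")
    return findings
```

Calling `diagnose(SAMPLE_CONFIG, SAMPLE_LOG)` returns one finding per `remote` line, so a config with several fallback servers shows every port that has to be open.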
Methods to Resolve “TLS handshake failed issue”
Here are some of the methods to resolve this issue.
Method 1: Change “TLS Protocol” in Windows
Windows 10, along with earlier Windows versions, has a centralized protocol setting. So, in order to resolve the “TLS handshake failed” issue, just change the TLS version with the help of the following steps:
- Press “Windows + R” to open the “Run Dialog Box”.
- Type “inetcpl.cpl” in it and click the “OK” button.
- In “Internet Properties”, open the “Advanced” tab.
- Find the “Security” part, where you can add or remove TLS versions.
- Check whether the TLS version you are using is 1.2 or 1.3.
- At the end, press “Apply” and then “OK” to save the changes.
After doing this, try to open the same site again and see whether the method has worked.
Method 2: Change “TLS Protocol” in Firefox
Changing the “TLS Protocol” in Windows is easy, but you can also do the same in Firefox. Follow the given steps:
- Open the “Firefox” browser, type “about:config” in the address bar, and press the “Enter” key.
- In the search bar, type “TLS” to locate “security.tls.version.min”.
- You can change its value: “1” and “2” force TLS 1 and 1.1, “3” forces TLS 1.2, and “4” forces a maximum protocol of TLS 1.3.
Method 3: Delete Browser Profile
Browsers maintain their own databases; Firefox profiles, for example, have a Cert8.DB file for certificates. If the issue is caused by the certificate database, you can delete it and then restart the device. This is much like when the internet doesn’t work on your phone and you either restart it or toggle Airplane mode to make it work. So, deleting the certificates, in this case, is a good option.
In Windows 10, when you’re using the Edge browser, the “Certificate Manager” may be responsible. Go to edge://settings/privacy and open the “Manage HTTPS/SSL certificates and settings” option. Deleting the certificates there may work for you.
Method 4: Reset the Browser
- In order to reset the browser, open Chrome and enter “Chrome://Settings” in the address bar. Then press the “Enter” key.
- Scroll down and press “Advanced Settings”.
- You will find a button saying “Reset Browser Settings”.
- After using this option, your profile will be reset. It will also reset the search engines along with content settings and extensions, while the cookies will be deleted.
At the end, restart the browser and see whether the “TLS handshake failed” issue has been resolved.
The “TLS handshake failed” issue may occur for several reasons, a few of which have been mentioned above. You also have multiple ways to resolve it, depending on the kind of reason involved. All you need is to look for the factors that affect TLS protocols and how you can change these in Firefox or Windows. The use of software or 3rd party apps is also useful, but you must take malware issues into account. All in all, just start using different software in order for your system to work better.
Nishant Verma is a senior web developer who loves to share his knowledge about Linux, SysAdmin, and other web handlers. Currently, he loves to write as a content contributor for ServoNode.