Two Log Warnings

Got a problem with Viscosity or need help? Ask here!

JDK-1

Posts: 1
Joined: Sun Sep 25, 2016 1:34 am

Post by JDK-1 » Sun Sep 25, 2016 2:01 am
Hi,

Things seem to be working fine with Viscosity, but I am consistently getting 2 warnings for every session . . .

The first warning is:

WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

But then the next line is:

Control Channel Authentication: using 'C:\Program Files\Common Files\Viscosity\OpenVPNConfig\#########\ta.key' as a OpenVPN static key file

Is this warning an artifact on how my VPN provider connects to OpenVPN?

Is there anything I need to do to correct this?

The second warning is:

WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this.

I don't see where to change this option in Viscosity. Is this important to address?

Thanks,
jdk

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Mon Sep 26, 2016 11:15 am
Hi JDK-1,

The link in the first warning explains what that is about, it is not related to TLS-Auth. You can specify an option that sets the name of the server certificate that should be expected to add another layer of security.

As for the second warning, unless you are worried someone might have access to your PC while you are connecting, and they also have access to get a memory dump, this isn't one to worry about much, but here is some more information which can be added as an advanced command - http://sparklabs.com/support/kb/article ... th-nocache

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts Page 1 of 1