CompTIA CASP+ (CAS-004) — Question 365

The following messages are displayed when a VPN client is attempting to connect to an OpenVPN server:

OpenSSL: error: 140760FC:SSL routines: SSL23_GET_CLIENT_HELLO: unknown protocol'
TLS_ERROR: BIO read tls_read_plaintext error'
TLS_ERROR: TLS object->incoming plaintext read error'
TLS_ERROR: TLS handshake failed'
SIGUSR1 [soft, tls_error] received, client_instance restarting'

Which of the following best explains the cause of these messages?

Answer options

• A. The client is attempting to establish an unencrypted connection with the server.
• B. The server is unreachable to the client and a connection cannot be established.
• C. The client is using LibreSSL libraries while the server is using OpenSSL libraries.
• D. A TLS version mismatch exists between the client and the server.

Correct answer: D

Explanation

The correct answer is D because the error messages indicate a failure during the TLS handshake, which often results from incompatible TLS versions. Options A and B do not directly relate to the SSL/TLS protocol errors being described, and option C is irrelevant as both libraries can interoperate if configured correctly.