Hi,
this is definitely not an issue with the fix for Bug#1008015, which was
a very minor security bugfix targeted for
You are running unstable, therefor you have been upgraded to OpenVPN 2.6
and OpenSSL 3.0.
Could you please file a new bug about this with as much information as
available about your configuration? I have never used PKCS#12
certificates before. I guess this is more an issue of OpenSSL 3.0 than
OpenVPN 2.6.
> 2022-05-23 08:47:47 OpenSSL: error:0308010C:digital envelope
routines::unsupported
> 2022-05-23 08:47:47 OpenSSL: error:0308010C:digital envelope
routines::unsupported
> 2022-05-23 08:47:47 Decoding PKCS12 failed. Probably wrong password
or unsupported/legacy encryption
Bernhard
Am 23.05.22 um 09:31 schrieb Peter Keel:
Hi
Apparently since the fix for #1008015 openvpn now demands a password,
even though none was needed before.
2022-05-23 08:47:47 OpenVPN 2.6_git x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on May 20 2022
2022-05-23 08:47:47 library versions: OpenSSL 3.0.3 3 May 2022, LZO 2.10
🔐 Enter Private Key Password:
2022-05-23 08:47:47 OpenSSL: error:0308010C:digital envelope
routines::unsupported
2022-05-23 08:47:47 OpenSSL: error:0308010C:digital envelope
routines::unsupported
2022-05-23 08:47:47 Decoding PKCS12 failed. Probably wrong password or
unsupported/legacy encryption
2022-05-23 08:47:47 Error: private key password verification failed
2022-05-23 08:47:47 Exiting due to fatal error
The p12 comes by default from an OPNsense, I can't see how it's
generated, much less how to set or even enter a password there.
Cheers
Seegras
