Re: OpenSSL 3.0.2 PKCS12_parse Failure

2022-04-05 Thread Tomas Mraz 
How do you load the legacy provider? Into which library context? It
needs to be loaded into the default (NULL) library context for the
PKCS12_parse() function.

The workaround would be to not use the certificate/key pair for the
server in the PKCS12 format but in the PEM format with separate key and
certificate files.

Tomas Mraz

On Fri, 2022-04-01 at 18:14 +, vchiliquinga--- via openssl-users
wrote:
> Hello,
>  
> Connection between a Openssl 3.0.2 server and a 1.1.1g client is
> proving to be unsuccessful.
>  
> According to the logs collected we seem to be having an issue with
> the loading of the legacy providers.
> We are loading both the default and legacy providers programmatically
> as per the steps outlined in the Wiki for OpenSSL 3.0 – 6.2
> Providers.
>  
> We are seeing the following error..
>  
> error:0308010C:digital envelope
> routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:3
> 46:Global default library context, Algorithm (RC2-40-CBC : 0),
> Properties ()
> PKCS12_parse() failed = 183. (Using GetLastError from
> errhandlingapi.h, the 183 error code is obtained)
>  
> Worth mentioning that we are only seeing this issue occur when the
> server is a Windows 2012 server.
>  
> Thank you,
> Victor C.

-- 
Tomáš Mráz, OpenSSL

RE: OpenSSL 3.0.2 PKCS12_parse Failure

2022-04-04 Thread vchiliquinga--- via openssl-users 
Hello,

Seems our email system scrubbed the response to my question because it was a 
link. 
Could I ask the response be sent to the follow email instead, 
chiliquing...@outlook.com

Thanks!

Message: 3
Date: Fri, 1 Apr 2022 18:14:38 +
From: 
To: 
Cc: 
Subject: OpenSSL 3.0.2 PKCS12_parse Failure
Message-ID:



Content-Type: text/plain; charset="us-ascii"

Hello,

Connection between a Openssl 3.0.2 server and a 1.1.1g client is proving to be 
unsuccessful.

According to the logs collected we seem to be having an issue with the loading 
of the legacy providers.
We are loading both the default and legacy providers programmatically as per 
the steps outlined in the Wiki for OpenSSL 3.0 - 6.2 Providers.

We are seeing the following error..

error:0308010C:digital envelope 
routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:346:Global 
default library context, Algorithm (RC2-40-CBC : 0), Properties ()
PKCS12_parse() failed = 183. (Using GetLastError from errhandlingapi.h, the 183 
error code is obtained)

Worth mentioning that we are only seeing this issue occur when the server is a 
Windows 2012 server.

Thank you,
Victor C.
-- next part --
An HTML attachment was scrubbed...
URL: 


--