Opened 3 years ago
Last modified 3 years ago
#1028 assigned Bug / Defect
iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1)
Reported by: | Matteo13 | Owned by: | Antonio |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | OpenVPN Connect | Version: | OpenVPN Connect for iOS v1.2.9 |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | easy-rsa openssl pkcs5 |
Cc: |
Description
The latest version of OpenVPN connect doesn't seem to be able to decrypt RSA/EC private keys. I'm importing the .ovpn with the embedded key starting with "-----BEGIN ENCRYPTED PRIVATE KEY-----".
I am being asked for a password but it's not accepted, here is the error:
EVENT: CORE_ERROR mbed TLS: error parsing config private key : PKCS5 - Requested encryption or digest alg not available [ERR]
I'm attaching two sample keys, password is "test"
Attachments (2)
Change History (6)
Changed 3 years ago by
Attachment: | ecpass.ovpn added |
---|
Changed 3 years ago by
Attachment: | rsapass.ovpn added |
---|
comment:1 Changed 3 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 Changed 3 years ago by
Resolution: | fixed |
---|---|
Status: | closed → reopened |
I opened the issue because indeed version 1.2.9 did not work for me, I’m still getting the error. I also posted it on the forum https://forums.openvpn.net/viewtopic.php?f=36&t=25929
Also, I’m generating the PKI with easyrsa version 4.4, openssl 1.1, using this config:
set_var EASYRSA_ALGO ec set_var EASYRSA_CURVE secp384r1 set_var EASYRSA_DIGEST sha256
comment:4 Changed 3 years ago by
Status: | reopened → assigned |
---|---|
Summary: | iOS: PKCS5 error when prompted for the private key password → iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1) |
this should finally be fixed with 1.2.9. Please test and re-open this ticket if needed.