Opened 7 years ago
Closed 2 years ago
#1028 closed Bug / Defect (wontfix)
iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1)
Reported by: | Matteo13 | Owned by: | OpenVPN Inc. |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | OpenVPN Connect | Version: | OpenVPN Connect for iOS v1.2.9 |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | easy-rsa openssl pkcs5 |
Cc: |
Description
The latest version of OpenVPN connect doesn't seem to be able to decrypt RSA/EC private keys. I'm importing the .ovpn with the embedded key starting with "-----BEGIN ENCRYPTED PRIVATE KEY-----".
I am being asked for a password but it's not accepted, here is the error:
EVENT: CORE_ERROR mbed TLS: error parsing config private key : PKCS5 - Requested encryption or digest alg not available [ERR]
I'm attaching two sample keys, password is "test"
Attachments (2)
Change History (8)
Changed 7 years ago by
Attachment: | ecpass.ovpn added |
---|
Changed 7 years ago by
Attachment: | rsapass.ovpn added |
---|
comment:1 Changed 7 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 Changed 7 years ago by
Resolution: | fixed |
---|---|
Status: | closed → reopened |
I opened the issue because indeed version 1.2.9 did not work for me, I’m still getting the error. I also posted it on the forum https://forums.openvpn.net/viewtopic.php?f=36&t=25929
Also, I’m generating the PKI with easyrsa version 4.4, openssl 1.1, using this config:
set_var EASYRSA_ALGO ec set_var EASYRSA_CURVE secp384r1 set_var EASYRSA_DIGEST sha256
comment:4 Changed 7 years ago by
Status: | reopened → assigned |
---|---|
Summary: | iOS: PKCS5 error when prompted for the private key password → iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1) |
comment:5 Changed 4 years ago by
Owner: | changed from Antonio Quartulli to OpenVPN Inc. |
---|
comment:6 Changed 2 years ago by
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).
Please resubmit - if still relevant - via https://support.openvpn.net/
this should finally be fixed with 1.2.9. Please test and re-open this ticket if needed.