Context Navigation

← Previous Ticket
Next Ticket →

#1028 closed Bug / Defect (wontfix)

iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1)

Reported by:	Matteo13	Owned by:	OpenVPN Inc.
Priority:	major	Milestone:
Component:	OpenVPN Connect	Version:	OpenVPN Connect for iOS v1.2.9
Severity:	Not set (select this one, unless your'e a OpenVPN developer)	Keywords:	easy-rsa openssl pkcs5
Cc:

Description

The latest version of OpenVPN connect doesn't seem to be able to decrypt RSA/EC private keys. I'm importing the .ovpn with the embedded key starting with "-----BEGIN ENCRYPTED PRIVATE KEY-----".

I am being asked for a password but it's not accepted, here is the error:

EVENT: CORE_ERROR mbed TLS: error parsing config private key : PKCS5 - Requested encryption or digest alg not available [ERR]

I'm attaching two sample keys, password is "test"

Attachments (2)

ecpass.ovpn (387 bytes) - added by Matteo13 5 years ago.
rsapass.ovpn (1.8 KB) - added by Matteo13 5 years ago.

Download all attachments as: .zip

Change History (8)

Changed 5 years ago by Matteo13

Attachment:	ecpass.ovpn added

Changed 5 years ago by Matteo13

Attachment:	rsapass.ovpn added

comment:1 Changed 5 years ago by Antonio Quartulli

Resolution:	→ fixed
Status:	new → closed

this should finally be fixed with 1.2.9. Please test and re-open this ticket if needed.

comment:2 Changed 5 years ago by Matteo13

Resolution:	fixed
Status:	closed → reopened

I opened the issue because indeed version 1.2.9 did not work for me, I’m still getting the error. I also posted it on the forum https://forums.openvpn.net/viewtopic.php?f=36&t=25929

Also, I’m generating the PKI with easyrsa version 4.4, openssl 1.1, using this config:

set_var EASYRSA_ALGO ec
set_var EASYRSA_CURVE secp384r1
set_var EASYRSA_DIGEST sha256

comment:3 Changed 5 years ago by Matteo13

Typo: easyrsa release 3.0.4

comment:4 Changed 5 years ago by Antonio Quartulli

Status:	reopened → assigned
Summary:	iOS: PKCS5 error when prompted for the private key password → iOS: PKCS5 error when prompted for the private key password (encrypted with OpenSSL 1.1)

comment:5 Changed 21 months ago by Antonio Quartulli

Owner:	changed from Antonio Quartulli to OpenVPN Inc.

comment:6 Changed 6 weeks ago by Gert Döring

Resolution:	→ wontfix
Status:	assigned → closed

OpenVPN Inc does not want to receive any feedback for the "Connect"
OpenVPN clients via the community bug trackers (here and in GH issues).

Please resubmit - if still relevant - via https://support.openvpn.net/

Note: See TracTickets for help on using tickets.

Download in other formats: