OpenSSL 3.0.2 PKCS12_parse Failure

Tomas Mraz tomas at openssl.org
Tue Apr 5 06:40:16 UTC 2022


How do you load the legacy provider? Into which library context? It
needs to be loaded into the default (NULL) library context for the
PKCS12_parse() function.

The workaround would be to not use the certificate/key pair for the
server in the PKCS12 format but in the PEM format with separate key and
certificate files.

Tomas Mraz

On Fri, 2022-04-01 at 18:14 +0000, vchiliquinga--- via openssl-users
wrote:
> Hello,
>  
> Connection between a Openssl 3.0.2 server and a 1.1.1g client is
> proving to be unsuccessful.
>  
> According to the logs collected we seem to be having an issue with
> the loading of the legacy providers.
> We are loading both the default and legacy providers programmatically
> as per the steps outlined in the Wiki for OpenSSL 3.0 – 6.2
> Providers.
>  
> We are seeing the following error..
>  
> error:0308010C:digital envelope
> routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:3
> 46:Global default library context, Algorithm (RC2-40-CBC : 0),
> Properties ()
> PKCS12_parse() failed = 183. (Using GetLastError from
> errhandlingapi.h, the 183 error code is obtained)
>  
> Worth mentioning that we are only seeing this issue occur when the
> server is a Windows 2012 server.
>  
> Thank you,
> Victor C.

-- 
Tomáš Mráz, OpenSSL




More information about the openssl-users mailing list