OpenSSL s_server command prompts for password even when we provide it in the command in OpenSSL 3.1 versions
Tomas Mraz
tomas at openssl.org
Thu Jan 25 08:40:20 UTC 2024
Hello Ishani,
can you please report this issue on the
https://github.com/openssl/openssl GH project page?
This bug happens if you have the encrypted key in the same file as the
certificate. A simple workaround is to put the key in a separate file
and use the -key option to load it and have only the unencrypted
certificate in the file loaded with the -cert option.
But nevertheless it is a regression.
Kind regards,
Tomas Mraz, OpenSSL
On Thu, 2024-01-25 at 12:34 +0530, Ishani wrote:
> Hi OpenSSL team,
>
> Hope You are having a very great day 🙂
>
> This mail is regarding an issue which we are facing with
> the s_server command in OpenSSL 3.1.* (we’re not seeing this in older
> versions like 1.0.2 or 1.1.1k). Please refer to the attached
> snapshot.
>
> In the command we have used -pass pass:password, which is one of the
> mentioned ways to provide the server certificate password
> according to the OpenSSL documentation, still it’s prompting for a
> password as input from the user.
> It works and returns ACCEPT even on pressing Enter key without
> providing any password which means it’s taking the password that is
> provided in the command line using -pass option.
>
> The same s_server command works fine with previous OpenSSL versions
> and does not prompt for a password after being provided in the
> command itself.
> We tried different ways to suppress this prompt asking for password
> but nothing worked, we have an automated use case testing client
> server handshake where we are facing this issue.
>
> Looking ahead for suggestions or any changes helping with this issue.
> Regards,
> Ishani
--
Tomáš Mráz, OpenSSL
More information about the openssl-users
mailing list