OpenSSL s_server command prompts for password even when we provide it in the command in OpenSSL 3.1 versions

Tomas Mraz tomas at openssl.org
Thu Jan 25 08:40:20 UTC 2024


Hello Ishani,

can you please report this issue on the
https://github.com/openssl/openssl GH project page?

This bug happens if you have the encrypted key in the same file as the
certificate. A simple workaround is to put the key in a separate file
and use the -key option to load it and have only the unencrypted
certificate in the file loaded with the -cert option.

But nevertheless it is a regression.

Kind regards,

Tomas Mraz, OpenSSL

On Thu, 2024-01-25 at 12:34 +0530, Ishani wrote:
>  Hi OpenSSL team,
> 
>       Hope You are having a very great day 🙂
> 
> This mail is regarding an issue which we are facing with
> the s_server command in OpenSSL 3.1.* (we’re not seeing this in older
> versions like 1.0.2 or 1.1.1k).  Please refer to the attached
> snapshot.
> 
> In the command we have used -pass pass:password, which is one of the
> mentioned ways to provide the server certificate password
> according to the OpenSSL documentation, still it’s prompting for a
> password as input from the user. 
> It works and returns ACCEPT even on pressing Enter key without
> providing any password which means it’s taking the password that is
> provided in the command line using -pass option.
>  
> The same s_server command works fine with previous OpenSSL versions
> and does not prompt for a password after being provided in the
> command itself.
> We tried different ways to suppress this prompt asking for password
> but nothing worked, we have an automated use case testing client
> server handshake where we are facing this issue.
> 
> Looking ahead for suggestions or any changes helping with this issue.
> Regards,
> Ishani

-- 
Tomáš Mráz, OpenSSL



More information about the openssl-users mailing list