OpenSSL 3.0.2 PKCS12_parse Failure

Tomas Mraz tomas at
Tue Apr 5 06:40:16 UTC 2022

How do you load the legacy provider? Into which library context? It
needs to be loaded into the default (NULL) library context for the
PKCS12_parse() function.

The workaround would be to not use the certificate/key pair for the
server in the PKCS12 format but in the PEM format with separate key and
certificate files.

Tomas Mraz

On Fri, 2022-04-01 at 18:14 +0000, vchiliquinga--- via openssl-users
> Hello,
> Connection between a Openssl 3.0.2 server and a 1.1.1g client is
> proving to be unsuccessful.
> According to the logs collected we seem to be having an issue with
> the loading of the legacy providers.
> We are loading both the default and legacy providers programmatically
> as per the steps outlined in the Wiki for OpenSSL 3.0 – 6.2
> Providers.
> We are seeing the following error..
> error:0308010C:digital envelope
> routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:3
> 46:Global default library context, Algorithm (RC2-40-CBC : 0),
> Properties ()
> PKCS12_parse() failed = 183. (Using GetLastError from
> errhandlingapi.h, the 183 error code is obtained)
> Worth mentioning that we are only seeing this issue occur when the
> server is a Windows 2012 server.
> Thank you,
> Victor C.

Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list