OpenSSL 3.0.2 PKCS12_parse Failure
Tomas Mraz
tomas at openssl.org
Tue Apr 5 06:40:16 UTC 2022
How do you load the legacy provider? Into which library context? It
needs to be loaded into the default (NULL) library context for the
PKCS12_parse() function.
The workaround would be to not use the certificate/key pair for the
server in the PKCS12 format but in the PEM format with separate key and
certificate files.
Tomas Mraz
On Fri, 2022-04-01 at 18:14 +0000, vchiliquinga--- via openssl-users
wrote:
> Hello,
>
> Connection between a Openssl 3.0.2 server and a 1.1.1g client is
> proving to be unsuccessful.
>
> According to the logs collected we seem to be having an issue with
> the loading of the legacy providers.
> We are loading both the default and legacy providers programmatically
> as per the steps outlined in the Wiki for OpenSSL 3.0 – 6.2
> Providers.
>
> We are seeing the following error..
>
> error:0308010C:digital envelope
> routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:3
> 46:Global default library context, Algorithm (RC2-40-CBC : 0),
> Properties ()
> PKCS12_parse() failed = 183. (Using GetLastError from
> errhandlingapi.h, the 183 error code is obtained)
>
> Worth mentioning that we are only seeing this issue occur when the
> server is a Windows 2012 server.
>
> Thank you,
> Victor C.
--
Tomáš Mráz, OpenSSL
More information about the openssl-users
mailing list