{"id":5713,"date":"2022-11-14T15:33:24","date_gmt":"2022-11-14T14:33:24","guid":{"rendered":"https:\/\/www.bdjl.de\/localhost\/?p=5713"},"modified":"2022-11-14T15:34:30","modified_gmt":"2022-11-14T14:34:30","slug":"openvpn-und-openssl-3-x","status":"publish","type":"post","link":"https:\/\/www.bdjl.de\/localhost\/?p=5713","title":{"rendered":"OpenVPN und OpenSSL 3.x"},"content":{"rendered":"<p>Das Arch-Update von OpenSSL auf Version 3.x brachte mit sich, dass ich nicht mehr via OpenVPN auf meinen Server kam.<\/p>\n<p>Fehlermeldungen waren ungef\u00e4hr solche hier:<\/p>\n<pre>2022-11-09 08:23:40 OpenSSL: error:11800071:PKCS12 routines::mac verify failure\r\n2022-11-09 08:23:40 OpenSSL: error:0308010C:digital envelope routines::unsupported\r\n2022-11-09 08:23:40 Decoding PKCS12 failed. Probably wrong password or unsupported\/legacy encryption\r\n2022-11-09 08:23:40 Error: private key password verification failed\r\n2022-11-09 08:23:40 Exiting due to fatal error<\/pre>\n<p>Die L\u00f6sung ist hier [<a href=\"https:\/\/wiki.archlinux.org\/title\/OpenVPN#OpenVPN_connection_fails_after_update_to_OpenSSL3\">1<\/a>, <a href=\"https:\/\/bbs.archlinux.org\/viewtopic.php?pid=2067602\">2<\/a>] beschrieben. Am schnellsten (wenn auch nicht am saubersten) geht es via Anpassung der <em>\/etc\/ssl\/openssl.cnf<\/em><\/p>\n<pre>[openssl_init]\r\nproviders = provider_sect\r\n\r\n[provider_sect]\r\ndefault = default_sect\r\nlegacy = legacy_sect\r\n\r\n[default_sect]\r\nactivate = 1\r\n\r\n[legacy_sect]\r\nactivate = 1\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Das Arch-Update von OpenSSL auf Version 3.x brachte mit sich, dass ich nicht mehr via OpenVPN auf meinen Server kam. Fehlermeldungen waren ungef\u00e4hr solche hier: 2022-11-09 08:23:40 OpenSSL: error:11800071:PKCS12 routines::mac verify failure 2022-11-09 08:23:40 OpenSSL: error:0308010C:digital envelope routines::unsupported 2022-11-09 08:23:40 Decoding PKCS12 failed. Probably wrong password or unsupported\/legacy encryption 2022-11-09 08:23:40 Error: private key password [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,5],"tags":[627,205],"class_list":["post-5713","post","type-post","status-publish","format-standard","hentry","category-lfb","category-linux","tag-openssl","tag-openvpn"],"_links":{"self":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5713"}],"version-history":[{"count":3,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5713\/revisions"}],"predecessor-version":[{"id":5716,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5713\/revisions\/5716"}],"wp:attachment":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}