Hi, On 14/03/2019 14:00, Gert Doering wrote: > Hi, > > On Thu, Mar 14, 2019 at 01:53:44PM +0100, Stefanie Leisestreichler wrote: >> Am 14.03.19 um 13:42 schrieb Gert Doering: >>> ... actually, it's barely 10 years, but it's*so* old that it's not >>> really worth looking into trouble reports - OpenVPN has bugs, the SSL >>> library it will be using has crucial bugs. >> >> I know it is old, that is the reason why the server will be migrated. >> Nevertheless for this migration I need to get OpenVPN to work there. > > Well... the error message is pretty clear: the private key passphrase > you have entered is not working to decrypt the private key. > > This could be due to "issues with keyboard layout" or "encoding" > (non-ASCII characters involved?), possibly even with "new SSL library > used for key generation, encrypted with AES, while the old SSL library > only handles 3DES encrypted keys"... > > I'd just circumvent this - if this is only for a migrational period, > generate a private key without passphrase, done.
by looking at the message: error:0607607D:digital envelope routines:PKCS5_v2_PBE_keyivgen:unsupported prf: error:06074078:digital envelope I aree with Gert as it sounds like the key was encrypted with a method that is not available to the SSL library you are using on this host. I'd follow Gert suggestion and just decrypt the key before giving it to openvpn. Regards, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
