Hi, On Wed, Sep 10, 2025 at 06:08:34PM +0200, Louis Chanouha via Openvpn-users wrote: > The new limited service account does'nt have access to the Windows > certificate store
Reports like this really should go to the issue tracker, or the openvpn-devel
list.
> 2025-09-10 17:59:04 Error in cryptoapicert: failed to acquire key. Key not
> present or is in a legacy token not supported by Windows CNG API: Le jeu de
> clés n???existe pas. (errno=-2146893802)
> 2025-09-10 17:59:04 Cannot load certificate "TMPL:[redacted]" from Microsoft
> Certificate Store
> 2025-09-10 17:59:04 Exiting due to fatal error
Well - this is somewhat expected. If you don't operate with maximum
privileges anymore, things that need privileges might break.
[..]
> Hope they will be a fix to preserve theses environnements.
We can not auto-fix this (except by reading all configs and changing
all your key permissions from within the installer, which we're not
going to do).
What we can, and need to do, is point this out very clearly in the
release notes.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
