On Mon, Sep 03, 2018 at 06:26:05PM +0200, Gianpaolo Cugola wrote: > TLS: Got certificate from PKCS12: > subject='/C=IT/ST=Lombardia/L=Milano/O=Politecnico di Milano/OU=Area > Sistemi ICT/CN=x...@xxx.xx' > TLS: Got private key from PKCS12 > TLS - SSL error: error:140C618F:SSL routines:SSL_use_certificate:ee key too > small > OpenSSL: tls_connection_private_key - Failed to load private key > error:00000000:lib(0):func(0):reason(0) > TLS: Failed to load private key '/home/cugola/wifiCert_nopass.p12' > TLS: Failed to set TLS connection parameters
The fix it to tell your administrator to use 2048 (or more) bit keys. I assume there are certificates on both sides, so they both need to get replaced. You can work around this issue by putting something like this in your config file: openssl_ciphers=DEFAULT@SECLEVEL=1 But you really should use a certificate with a stronger key. Kurt