58

I try to use curl on Windows to post a timestamp request. Authentication is needed, so I use p12 file. I get error message, but password of p12 file is correct.

Command:

curl --insecure --cert-type P12 --cert my.p12:mypassword -X POST -d @mytest.req <myTSURL>

Error message:

curl: (58) could not parse PKCS12 file, check password, OpenSSL error error:0308010C:digital envelope routines::unsupported

curl -V

curl 7.83.1 (x86_64-pc-win32) libcurl/7.83.1 OpenSSL/3.0.2 (Schannel) zlib/1.2.12 brotli/1.0.9 libidn2/2.3.2 libssh2/1.10.0 nghttp2/1.47.0 ngtcp2/0.5.0 nghttp3/0.4.1 libgsasl/1.10.0
Release-Date: 2022-05-11
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL SSPI TLS-SRP UnixSocket
Improve this question
1
  • Can anyone help me what to do for Mac ? Commented Jun 27, 2024 at 8:30

4 Answers 4

Reset to default
101

Meta: this isn't really programming or development, and would probably be better on superuser or maybe security.SX, but this is issue is likely to become more common as OpenSSL 3.0 spreads and I wanted to get the answer out.

OpenSSL 3.0.x (and up) by default doesn't support old/insecure algorithms, but until recently most software that creates PKCS12 (including OpenSSL 1.x.x) used such an algorithm for the certbag(s), namely a PKCS12-defined PBE using 40-bit RC2, usually abbreviated RC2-40 – and some still does at least sometimes, like the Windows 10 cert-export dialog by default. To check this do

openssl pkcs12 -in my.p12 -info -nokeys -nocerts 
# in 3.x.x add -provider legacy -provider default or just -legacy
# to avoid prompt use -password or -passin, see man pages

and I expect the output will include

PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048

See if your curl has an option to specify the OpenSSL 3.0.x providers and if so specify (fixed) both 'legacy' and 'default'. Otherwise, convert your pkcs12 like

# in 3.x.x
openssl pkcs12 -in old -nodes -provider legacy -provider default -out temp && openssl pkcs12 -in temp -export -out new
# or simpler
openssl pkcs12 -in old -nodes -legacy -out temp && openssl pkcs12 -in temp -export -out new

# in 1.x.x
openssl pkcs12 -in old -nodes -out temp && openssl pkcs12 -in temp -export -descert -out new 

# and in either case securely delete temp; on systems with a memory tmpfs, 
# typically /tmp, putting the file there can help assure this

# IFF 'old' was created by software that put the keybag before the certbag,
# which you can infer from the order displayed by pkcs12 -info,
# you can skip the temp file and pipe directly from one openssl to the other
# compare https://stackoverflow.com/q/54469754/95735 found by @PiotrDobrogost

Conversion loses any 'friendlyname' set in the existing file. For curl, and probably most other programs, this doesn't matter, but if you want to use this same file with something where friendlyname does matter, add -name $name on the -export part.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Hey, so if RC2-40 is old & unsecure, which algorithm should be used?
@user3677636: certs don't really need to be encrypted, because the point of public-key crypto is that public keys, and certs, can be public. So RC2-40 isn't actually a vulnerabililty, but it is a wart: it looks silly to encrypt but do it badly. Nicer options are to not encrypt at all which openssl can do with -certpbe NONE but other software maybe not, or to use the same PBE-SHA1-3DES traditionally used for keybag(s), which is what all my commands above do (3.0.x uses that by default, and 1.x.x with -descert does the same in spite of saying des and not 3des or tdes etc)
This solution allow you to convert given [test_cert.p12 by czech Raiffeisenbank]( developers.rb.cz/premium/documentation/02rbczpremiumapi_sandbox) for current curl, php, python ..... (succesfully tested today)
@dave_thompson_085 would using -keypbe AES-256-CBC -certpbe AES-256-CBC in 1.x.x make it generate what 3.x.x would generate by default? The manpage for 3.x.x states that The default encryption algorithm is AES-256-CBC with PBKDF2 for key derivation, but is providing the string AES-256-CBC enough to also make it use PBKDF2?
@DanielF: mostly and yes. Using -{key,cert}pbe aes-256-cbc does force PBES2 and PBKDF2 in all versions, but 1.0.x uses (Hmac)SHA1 in PBKDF2 while 1.1.x and 3.x.x use (Hmac)SHA256. Also the PBMAC defaults to SHA1 in 1.0.x and 1.1.x but SHA256 in 3.x.x, so you also want -macalg SHA256.
41

I was getting the same error using OpenVPN. I was able to fix it by adding or uncommenting the following lines in the /etc/ssl/openssl.cnf configuration file:

openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
default = default_sect
legacy = legacy_sect

[default_sect]
activate = 1

[legacy_sect]
activate = 1

This is based on the information at OpenSSL WIKI

Improve this answer

6 Comments

Worked for me, windows subsystem for Linux, thankyou!
Yeah, fixed my issue connecting to VPN with pkcs12 file after Ubuntu upgrade to 22.10 / openvpn 2.6
Worked for me too on Ubuntu 23.04. OpenVPN 2.6.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
This was simple and worker perfectly without any extra parameters or the need to convert the input p12.
This solved my issues. I was getting errors trying to use Kafka with a PKCS#12 file. Thank you!
|
13

Trying to inspect a p12 on my mac I was getting

Error outputting keys and certificates
400FD10702000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:341:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()
Could not read certificate from <stdin>

This worked for me openssl pkcs12 -in DEVCertificates.p12 -info -nodes -legacy So you I need to add -nodes -legacy

https://www.iclarified.com/92617/how-to-fix-error-0308010c-digital-envelope-routines-unsupported

Improve this answer

3 Comments

This worked for me trying to convert a .pfx cert into a .cert output file.
This worked for me! I could extract a .crt file from a .p12 keystore file
I experienced the same issue when converting from .pfx to .pem . I had to use the command openssl pkcs12 -legacy -in mycert.pfx -out output_all.pem -nodes . As others highlighted, the key words are adding the flag -legacy to support legacy algorithms already deprecated in current openssl versions, and the flag -nodes to remove any password from the .pfx file
0

On Unix-like (Linux, macOS, Git bash, etc.):

export NODE_OPTIONS=--openssl-legacy-provider

This fix my problem https://github.com/webpack/webpack/issues/14532#issuecomment-947012063

Improve this answer

1 Comment

But that doesn’t answer the question asked, which is specifically tagged for Windows. If you want to answer based on LInux, check to see if an existing question asks that’s tagged accordingly, and answer there. If there isn’t one, feel free to create one and answer your own question as documentation for people in the future with this question. But don’t post an answer that’s not directly relevant to the question asked.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.