FYI: I had a connection issue to our office’s IPFire box (v172) with my OpenVPN client on OpenSUSE Tumbleweed, which installs OpenSSL 3.x by default.
when trying to start with command: sudo openvpn --config MyOpenVPN.ovpn
, the OpenVPN error was
OpenSSL: error:11800071:PKCS12 routines::mac verify failure
OpenSSL: error:0308010C:digital envelope routines::unsupported
Decoding PKCS12 failed. Probably wrong password or unsupported/legacy encryption
SIGUSR1[soft,private-key-password-failure] received, process restarting
It worked with this workaround by adding / uncommenting the following lines in /etc/ssl/openssl.conf
on my Linux machine:
openssl_conf = openssl_init
[openssl_init]
providers = provider_sect
[provider_sect]
default = default_sect
legacy = legacy_sect
[default_sect]
activate = 1
[legacy_sect]
activate = 1
You can check with this command-line if it works:
sudo openssl pkcs12 -in MyOpenVPN.p12
See also:
https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers
hope this helps