Page 1 of 1
Key with passphrase does not work
Posted: Fri Mar 15, 2013 11:20 am
by vali
OpenVPN connect works absolute fine and out of the box with a cert/key without a passphrase but not using a key with a passphrase! I get this error message:
OpenVPN error : PolarSSL: error parsing config private key : X509 - Invalid RSA key tag or value : ASN1 - ASN1 tag was of an unexpected value [ERR]
Using the same cert/key on a linux client works fine including asking fpr the passphrase. Are passphrases not supported in OpenVPN connect?
Regards, Valentin
Re: Key with passphrase does not work
Posted: Tue Jun 04, 2013 3:03 pm
by plittlefield
+1
Something similar going on...
I too have successfully connected to the VPN but without asking me for a passphrase!
If I install the same client info on a Windows or Linux PC, the client software prompts for a passphrase and all is well.
What am I doing wrong?
Have I missed a tick box option or something?
I am deeply reluctant to allow this software to connect to the office VPN without an extra level of security on an iPad.
Paully
Re: Key with passphrase does not work
Posted: Wed Jun 05, 2013 8:20 pm
by aimmerman
The default OpenVPN key encryption algorithm doesn't seem to be supported by OpenVPN Connect iOS. On my devices, passphrases work after being re-encrypted using T-DES.
From a shell, to decrypt the key (remove the passphrase):
openssl rsa -in [key-encrypted-old].key -out [key-unencrypted].key
To re-encrypt the key w. T-DES:
openssl rsa -in [key-unencrypted].key -des3 -out [key-encrypted-new].key
Remember not to leave the unencrypted key sitting around (best to shred it).
Andrew
Re: Key with passphrase does not work
Posted: Thu Jun 06, 2013 10:47 am
by plittlefield
Thanks, I will try that and report back.