OpenVPN Support Forum

Hi,

We have few user who use windows 10. We are encrypting the client private key and adding that client key pair in ovpn file. The issue we are seeing is, if private key is in PCKS8 format then we are getting below exception.

EVENT: mbed TLS: error parsing config private key : PKCS5 - Requested encryption or digest alg not available

But if I convert that private key to PKCS1 format then it is working. Do you know why openVPN throws error for PCKS8?
Also on any device open VPN is ignoring remote-random-hostname option. I've to manually add random hostname to VPN host. Is this a know issue with openVPN connect client?


Moved this to Cert / Config management.
viewtopic.php?f=22&t=30595

gopiv wrote: ↑

Wed Jul 08, 2020 11:25 pm

EVENT: mbed TLS: error parsing config private key : PKCS5 - Requested encryption or digest alg not available

Looks like either mbedTLS or openVPN connect 3 does not support PKCS5/8 (I assume a typo) or your digest alg ..

gopiv wrote: ↑

Wed Jul 08, 2020 11:25 pm

Also on any device open VPN is ignoring remote-random-hostname option

Perhaps that option is not supported by the versions you are using ..

I've used same config in MAC and it worked.
The except says its PKCS5, its not typo

gopiv wrote: ↑

Wed Jul 08, 2020 11:57 pm

used same config in MAC and it worked

MAC use LibreSSL. no ?

openVPN connect 3 is closed source so you will probably need to raise a ticket here:
https://openvpn.net/vpn-server/

Let me do that. Thanks