search

inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0
1.31k stars 278 forks source link

tests: wired_radius_extract_certificates: extract p12 is not working on debian12 #8172

Closed JeGoi closed 2 months ago

JeGoi commented 3 months ago

Describe the problem

root@pfdeb12dev:/usr/local/pf/t/venom# openssl pkcs12 -in /tmp/tmp.Gi06uWU66w/InverseCA1_radius_cert.p12 -cacerts -nokeys -out /tmp/tmp.Gi06uWU66w/InverseCA1.crt -passin pass:secret
Error outputting keys and certificates
40171651867F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()
root@pfdeb12dev:

Mandatory informations

Symptoms How the problem can be identified if it appears again ?

lzammit commented 3 months ago

The command is working, so it means that it could be openssl libraries issue or the file is bad.

I think it's the file.

Thanks,

JeGoi commented 3 months ago

https://github.com/openssl/openssl/discussions/23089#discussioncomment-7895826 I added the -legacy. CI tests in progress.