How do you load the legacy provider? Into which library context? It needs to be loaded into the default (NULL) library context for the PKCS12_parse() function. The workaround would be to not use the certificate/key pair for the server in the PKCS12 format but in the PEM format with separate key and certificate files. Tomas Mraz On Fri, 2022-04-01 at 18:14 +0000, vchiliquinga--- via openssl-users wrote: > Hello, > > Connection between a Openssl 3.0.2 server and a 1.1.1g client is > proving to be unsuccessful. > > According to the logs collected we seem to be having an issue with > the loading of the legacy providers. > We are loading both the default and legacy providers programmatically > as per the steps outlined in the Wiki for OpenSSL 3.0 – 6.2 > Providers. > > We are seeing the following error.. > > error:0308010C:digital envelope > routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:3 > 46:Global default library context, Algorithm (RC2-40-CBC : 0), > Properties () > PKCS12_parse() failed = 183. (Using GetLastError from > errhandlingapi.h, the 183 error code is obtained) > > Worth mentioning that we are only seeing this issue occur when the > server is a Windows 2012 server. > > Thank you, > Victor C. -- Tomáš Mráz, OpenSSL
