Hello Ishani, can you please report this issue on the https://github.com/openssl/openssl GH project page? This bug happens if you have the encrypted key in the same file as the certificate. A simple workaround is to put the key in a separate file and use the -key option to load it and have only the unencrypted certificate in the file loaded with the -cert option. But nevertheless it is a regression. Kind regards, Tomas Mraz, OpenSSL On Thu, 2024-01-25 at 12:34 +0530, Ishani wrote: > Hi OpenSSL team, > > Hope You are having a very great day 🙂 > > This mail is regarding an issue which we are facing with > the s_server command in OpenSSL 3.1.* (we’re not seeing this in older > versions like 1.0.2 or 1.1.1k). Please refer to the attached > snapshot. > > In the command we have used -pass pass:password, which is one of the > mentioned ways to provide the server certificate password > according to the OpenSSL documentation, still it’s prompting for a > password as input from the user. > It works and returns ACCEPT even on pressing Enter key without > providing any password which means it’s taking the password that is > provided in the command line using -pass option. > > The same s_server command works fine with previous OpenSSL versions > and does not prompt for a password after being provided in the > command itself. > We tried different ways to suppress this prompt asking for password > but nothing worked, we have an automated use case testing client > server handshake where we are facing this issue. > > Looking ahead for suggestions or any changes helping with this issue. > Regards, > Ishani -- Tomáš Mráz, OpenSSL
