Password for p12-Certificate for VPN Account

Hi Guys,

if I go to the VPN Page and want to download the p12-File for an account using the link “Certificate and private key (PKCS12 format)” downloads the p12 file. If I execute it I have to enter the password for the private Key. But what is the Password? It is not the password of the account the certificate is for (my account).

You don’t need to open the file, and there is no password in it.

The p12 file can be passed to some client for establishing the VPN.

But when I want to use the build-in Windows VPN using L2TP/IPsec, I have to install the certificate into the Windows Cert Store. The VPN Connection itself never asks for it when connecting. It just tells me that the authentication failed.

Leaving the “Password”-Field blank results in a “you have to enter a password”-MessageBox

Really no idea how Windows works :smiley:

/cc @alefattorini @nrauso @mamengoni any hint?

What happens when using the name of the file (without the extension) as password?

works :slight_smile:
How do you know? Is it somewhere in the docs but I missed it?

Not sure if it’s the intended behaviour or a bug.

From the source code:

# Generate pkcs12 certificate
$errors += system("/usr/bin/openssl pkcs12 -export -in $crtOut -inkey $keyOut -certfile $crtFile -name '$commonName' -out $pkcsOut -password pass:$commonName"); 

If the pass: parameter is used without $commonName variable it would work with a blank password.

Ok, I’ve been caught! This is my code, but it was a younger me and that me wasn’t aware of what he was doing. :smiley:

Neither me, someone have suggestions?

1 Like

Why use a password?

:joy: :joy: :joy: