User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36 Build Identifier: I use certificate authentication to connect to my work VPN. After upgrading to GNUTLS 3.5.7-1 from 3.5.6-1 I an no longer connect with the error: $ openconnect -k ~/.keys/client_key.pem -c ~/.keys/client_cert.pem myvpn.example.com POST https://myvpn.example.com/ Connected to [xxxx:xxx:c090:150::1]:443 Failed to load private key as PKCS#8: An illegal parameter was found. Loading certificate failed. Aborting. Failed to open HTTPS connection to myvpn.example.com Failed to obtain WebVPN cookie If i downgrade opentls using dnf openconnect can read my private key and everything is fine. I can verify the key with openssl and it is fine, but I cannot seem to figure out how to do with certtool. I use the same key/certificate with 802.1x wireless without a problem as well. Reproducible: Always Steps to Reproduce: 1.Upgrade to gnutls 3.5.7 2.Use my private key to connect via openssl Actual Results: Failed to load private key as PKCS#8: An illegal parameter was found. Expected Results: I would get a prompt for my PEM password: openconnect -k ~/.keys/client_key.pem -c ~/.keys/client_cert.pem myvpn.example.com POST https://myvpn.example.com/ Connected to [xxxx:xxx:c090:150::1]:443 Enter PEM pass phrase: fgets (stdin): Interrupted system call
*** Bug 1404192 has been marked as a duplicate of this bug. ***
https://gitlab.com/gnutls/gnutls/merge_requests/185
gnutls-3.5.7-2.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-a50e12625a
gnutls-3.5.7-3.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-a50e12625a
Could you please check whether the builds on koji [0] address your issue? [0]. https://koji.fedoraproject.org/koji/buildinfo?buildID=825101
It does; thanks.
This fixed my problem as well. Thanks for the quick fix!
gnutls-3.5.7-3.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-a50e12625a
gnutls-3.5.7-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
gnutls30-3.5.7-2.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a44b349047
gnutls30-3.5.7-2.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-a44b349047
gnutls30-3.5.7-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.