$ openconnect -c ../tests/certs/ec-cert.pem -k ../tests/certs/ec-key-pkcs8-pbes2-sha1.pem auth.startssl.com POST https://auth.startssl.com/ Connected to 104.192.110.244:443 Failed to load private key as PKCS#8: An illegal parameter was found. I can "fix" this in OpenConnect thus: --- a/gnutls.c +++ b/gnutls.c @@ -1513,7 +1513,8 @@ static int load_certificate(struct openconnect_info *vpninfo) while ((err = gnutls_x509_privkey_import_pkcs8(key, &fdata, GNUTLS_X509_FMT_PEM, pass?:"", 0))) { - if (err != GNUTLS_E_DECRYPTION_FAILED) { + if (err != GNUTLS_E_DECRYPTION_FAILED && + err != GNUTLS_E_ILLEGAL_PARAMETER) { vpn_progress(vpninfo, PRG_ERR, _("Failed to load private key as PKCS#8: %s\n"), gnutls_strerror(err)); But I shouldn't have to, should I?
*** This bug has been marked as a duplicate of bug 1404084 ***