Hi, I'm posting the follow question here as I was redirect to this mailing list for support by OpenVPN forum.
https://forums.openvpn.net/viewtopic.php?p=110748&hilit=error+0A00007B#p110748 This is a complex issue, and I am unsure whether this is an OpenVPN/OpenSSL/OpenSC issue or Yubikey libykcs11 issue. For OpenVPN server/client I'm using elliptic curve TLS certificates and client certificate/key is imported into a Yubikey. As workaround I can use cryptoapicert, however it's cumbersome, during OpenVPN client login process, as the smart-card pin query window directly popup behind OpenVPN client gui, so user need extra mouse clicks and move OpenVPN-client gui aside. Furthermore, it seems in case I've using Yubikey 5 with OTP interface for other purpose or I'm creating certificate/key in Yubikey 5 device the cryptoapicert will struggle, telling me, this smartcard cannot be used for requested operation. Therefore, I'm still interested find causer for pkcs11 provider libykcs11.dll and opensc-pkcs11.dll not working with OpenVPN 2.6. Any thoughts or hints on the possible issue causer are welcome. I am also highly interested on input for further debugging possibilities/procedures. I suspect OpenSSL 3.0.x in conjunction with PKCS11 PIV pkcs11-helper as a potential issue causer. Because a connection with OpenVPN 2.6 Server/Client is possible without using PKCS11 PIV. Many thanks in advance!
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
