P12 Certificate "errno:-17011"

Options
jef
jef Posts: 37  Freshman Member
First Anniversary 10 Comments
edited January 29 in Security

I have been importing P12 certificates for years.
It is scripted openssl to generate pkcs12 from PEM files.
openssl has not updated on linux since 2020.

Now the "import" under "certificates" gets error 'error -17011'.
"errmsg: PKI certificate type is not supported"

Tried a different browser, chrome and firefox both error.

Import certificate still states that Binary PKCS#12 is supported.
Did Zyxel break the certificate imports?

I can validate my p12 file with openssl, so the file is fine.

Accepted Solution

  • jef
    jef Posts: 37  Freshman Member
    First Anniversary 10 Comments
    Answer ✓
    Options

    Patched and Imported. Thank you!!

All Replies

  • jef
    jef Posts: 37  Freshman Member
    First Anniversary 10 Comments
    Options
  • jef
    jef Posts: 37  Freshman Member
    First Anniversary 10 Comments
    edited January 30
    Options

    Testing, I used a p12 file from Oct 2023 (expired).
    The same p12 file that loaded into the zywall in Oct 2023.
    That same p12 file now fails.
    Which is proof that Zyxel broke the software for USG Flex 700.

    Can we get an emergency fix.

  • Zyxel_James
    Zyxel_James Posts: 616  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    @jef We have this fix in 5.37P1-WK03 firmware, I will provide it via private message, please check your inbox, thanks.

  • jef
    jef Posts: 37  Freshman Member
    First Anniversary 10 Comments
    Answer ✓
    Options

    Patched and Imported. Thank you!!

Security Highlight