P12 Certificate "errno:-17011"

jef
jef Posts: 39  Freshman Member
First Comment First Anniversary
edited January 2024 in Security

I have been importing P12 certificates for years.
It is scripted openssl to generate pkcs12 from PEM files.
openssl has not updated on linux since 2020.

Now the "import" under "certificates" gets error 'error -17011'.
"errmsg: PKI certificate type is not supported"

Tried a different browser, chrome and firefox both error.

Import certificate still states that Binary PKCS#12 is supported.
Did Zyxel break the certificate imports?

I can validate my p12 file with openssl, so the file is fine.

Accepted Solution

  • jef
    jef Posts: 39  Freshman Member
    First Comment First Anniversary
    Answer ✓

    Patched and Imported. Thank you!!

    FirmPatched.png
    Screenshot_2024-01-30_00-35-12.png

All Replies

  • jef
    jef Posts: 39  Freshman Member
    First Comment First Anniversary
    zybusted.png

  • jef
    jef Posts: 39  Freshman Member
    First Comment First Anniversary
    edited January 2024

    Testing, I used a p12 file from Oct 2023 (expired).
    The same p12 file that loaded into the zywall in Oct 2023.
    That same p12 file now fails.
    Which is proof that Zyxel broke the software for USG Flex 700.

    Can we get an emergency fix.

  • Zyxel_James
    Zyxel_James Posts: 663  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers

    @jef We have this fix in 5.37P1-WK03 firmware, I will provide it via private message, please check your inbox, thanks.

  • jef
    jef Posts: 39  Freshman Member
    First Comment First Anniversary
    Answer ✓

    Patched and Imported. Thank you!!

    FirmPatched.png
    Screenshot_2024-01-30_00-35-12.png

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)