OpenSSL decryption fails with unknown option '-pbkdf2'

OpenSSL decryption fails, because CircleCI uses outdated version that doesn’t support -pbkdf2. Running it on CircleCI side fails.

$ openssl aes-256-cbc -pbkdf2 -in .env.ci.enc -pass pass:$CIRCLE_ENC_KEY -d
unknown option '-pbkdf2'
...

Need a newer openssl.

Hi Anatoli. What executor are you running this under?

I guess it is docker.

jobs:
  test:
    docker:
        - image: docker:18.05.0-ce-git

Ok. Since that’s not a CircleCI image, it would be on upsteam to have the version of openSSL current. What happens when you try updating it with sudo apt-get update && sudo apt-get install openssl?

I am afraid it is Alpine 3.7.

Ok, looks like it’s this then:

    -run: apk update 
    -run: apk add openssh

Need to fix the problem with the image first.

Is it possible to use bash inside docker executor instead of sh?

With apk update

OpenSSL 1.0.2r  26 Feb 2019

Without apk update

OpenSSL 1.0.2r  26 Feb 2019

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.