It turned out that the bug is rather specific for a very old directory. The workaround is to activate legacy in openssl, i.e. edit /etc/ssl/openssl.cnf, and uncomment the lines below [provider_sect] ... ## legacy = legacy_sect ## [legacy_sect] ## activate = 1 Maybe it's worth to put some document in the package.