burp_backup_restore_creates_empty_files_-_evp_cipherinit_ex_failed

burp backup restore creates empty files - EVP_CipherInit_ex failed

If restores of files backed up with burp backup produce empty files and the restore command shows the followig two lines in the command output, this article may help lower your blood pressure again :)

this is the erorr in the output of the burp -a r …. command that we are going to tackle here: 

2026-01-23 10:36:33 +0100: burp[3015199] EVP_CipherInit_ex failed
2026-01-23 10:36:33 +0100: burp[3015199] WARNING: Could not transfer file in:

Reason: burp clients before version 3.1.2 used to use blowfish to encrypt files. OpenSSL version 3 deprecates Blowfish and disables it by default. Burp therefore switched to AES-CBC-256 starting with version 3.1.2 but it still keeps the capability to restore old Blofwish encrypted files, as long as the openssl library on the client supports it.

so if we have a server which used to use an older version of burp where files wheren encrypted with blowfish, then the server was updated and is now using AES-CBC-256, we can run into this issue, if we restore a file that has not changed since the update, as this file will not have been updated in the backup either and hence is still encrypted with the old method.

This means, we have to turn on legacy cypers to get blowfish support so we can restore these older files:

on the client, edit /etc/ssl/openssl.conf

find the provider_sect section and add a new legacy line, it should look like this: 

[provider_sect]
default = default_sect
legacy = legacy_sect

find the default_sect section and activate it, then copy it and create a legacy_sect below it, which is also activated.. endresult: 

[default_sect]
activate = 1

[legacy_sect]
activate = 1

check if legacy providers are now active: 

# openssl list -providers
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.0.13
    status: active
  legacy
    name: OpenSSL Legacy Provider
    version: 3.0.13
    status: active

and now the restore works again :)

I suppose a long-term fix would be, to create a full backup, so all files are encrypted with the new cipher from now on.

  • burp_backup_restore_creates_empty_files_-_evp_cipherinit_ex_failed.txt
  • Last modified: 23.01.2026 10:52
  • by Pascal Suter