openvpn with ed25519 ca cert

Sun, 21 Apr 2024 06:18:50 -0700 

Hi,

Does libressl 3.9.0 on 7.5 lacks support for ed25519 certs
using tls 1.3?

Creating PKI with easy-rsa only works with ec secp521r1.

with ed25519 certs openvpn says:
xxx us=881571 OpenVPN 2.6.9 x86_64-unknown-openbsd7.5 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] 
xxx us=881757 library versions: LibreSSL 3.9.0, LZO 2.10
xxx us=890289 OpenSSL: error:14FFF18E:SSL routines:(UNKNOWN)SSL_internal:ca md too weak::/usr/src/lib/libssl/ssl_rsa.c:394: 

It works fine on FreeBSD (14) and linux (OpenSSL 3.x)

Best regards,

Peter

Reply via email to