Hi,
I was using strongswan 5.5.2 version where I was using ECDSA certificates.
Recently i have moved to strongswan version 5.6.3.
But with this new version I am facing issue in loading my certificates and
keys. Strongswan fails to load certificates.
I noticed this new line in it 'building CRED_CER
Hi All,
I tried verifying the same ecdsa certificate and ca cert on both strongswan
versions:
On strongswan 5.5.2 version:
[root@mac-6 ~]# pki --verify --in /etc/ipsec.d/certs/certificate-1.pem --ca
/etc/ipsec.d/cacerts/certificate-2.pem
using certificate "C=IN, ST=M, L=M, O=Yam, OU=Ya, CN=prim
Hi Yogesh,
> Whereas when i tried verifying the same set on strongswan version 5.6.3:
You need the openssl plugin to load ECDSA keys/certificates.
Regards,
Tobias
Thanks Tobias for the reply,
But I visited strongswan wiki page for plugins where description for
openssl plugin is - crypto backend based on openssl, provides
RSA/ECDSA/DH/ECDH support. So on my setup RSA certificates are working
whereas ECDSA certs are facing this issue.
So how does RSA certi
Hi Yogesh,
> So how does RSA certificate work without openssl plugin?
The gmp plugin (enabled by default) probably handles that.
Regards,
Tobias
