Hi Martin,
I downloaded the openssl-1.0.0d.tar.gz. Build the openssl with
enabled the ec and ecdh (Elliptic curve Diffie–Hellman Group) support as stated
below.
1. ./config enable-ec enable-ecdh
2. make
3. make test
4. make install
But upon checking whether ECDH has been enabled or not via #openssl
ciphers –v ‘ECDH’ , it complains with the following error
Error in cipher list
3079456476: error: 1410DB9: SSL
routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1282:
I need to use openssl’s ECDH to enhance the IKE (v2) tunnel
setup rate using strongswan(5.0.4)'s load tester plugin. I am using Fedora
Linux (kernel version: 2.6.33.3-85.fc13.i686). Please
suggest if I am wrong or missing something. Thanks in advance for your support
and response.
Regards,
Chinmaya
On Friday, January 17, 2014 3:55 PM, Chinmaya Dwibedy <[email protected]>
wrote:
Thanks Martin for your prompt response. Let me follow up your suggestions and
try again.
On Friday, January 17, 2014 3:51 PM, Martin Willi <[email protected]> wrote:
Hi,
> Similarly checked the SSL ciphers supported via OpenSSL> ciphers
> command but did not find the
elliptic curve Diffie-Hellman group. I am
> using the Fedora Linux (2.6.33.3-85.fc13.i686) and the version of
> OpenSSL is 1.0.0d-fips 8 Feb 2011 .
Most likely your Fedora OpenSSL comes without Elliptic Curve support.
You'll have to build OpenSSL yourself, or look for third party packages
providing OpenSSL with EC enabled.
Regards
Martin
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
