Hi Kostya, > Does IPSec in general and strongSwan in particular support certificate > authentication with ECDSA keys?
Sure. > -----BEGIN EC PARAMETERS----- > Bgg.....== > -----END EC PARAMETERS----- > -----BEGIN EC PRIVATE KEY----- > MHcCA.......yDpwQ== > -----END EC PRIVATE KEY----- Remove the parameters, the pem plugin only parses the first BEGIN/END section in a PEM file. > Is there a "secret" or "trick" to getting ECDSA certificates / keys to work? You also need the openssl plugin if you don't have that loaded already. Regards, Tobias