[strongSwan] SQL and IKE/ESP
Martin Willi
martin at strongswan.org
Wed Jul 28 08:43:49 CEST 2010
Hi Dave,
> I am trying to use SQL with ECDSA. The log showed my cert was read in
> correctly, but there was a mention that ECP_256 was not supported.
ECDSA is usually independent of ECDH, I don't think this is related to
your certificate.
> The DH implementation we're using doesn't support this
The default proposals are constructed using the registered algorithms
[1]. In contrast to a ipsec.conf based configuration, no additional
algorithms [2] are attached.
If your plugin does not support ECP_256, you should not register that
algorithm. The OpenSSL plugin does plugin registration at [3].
Regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/config/proposal.c;h=e8639302896e1b0635014e49500b319b1fe966f4;hb=HEAD#l766
[2]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/starter/confread.c;h=399e17844d60b763811e08bb783628508620cf8d;hb=HEAD#l35
[3]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/plugins/openssl/openssl_plugin.c;h=31697dcb893d5e668a9b1df552cf44321edd2cd1;hb=HEAD#l290
More information about the Users
mailing list