[strongSwan] ECDSA failures with Strongswan 5.0.2 and openssl 1.0.1e-fips
Tobias Brunner
tobias at strongswan.org
Tue Apr 2 18:50:48 CEST 2013
Hi Scot,
> Apr 2 15:18:16 00[LIB] feature PUBKEY:ECDSA in 'pem' plugin has unsatisfied dependency: PUBKEY:ECDSA
It seems the openssl plugin was not built with ECDSA support. Which is
strange if you used ipsec pki on the same host to create the ECDSA keys
and certificates. The openssl plugin uses openssl/conf.h to detect
which features the OpenSSL library was built with. Did you perhaps
build strongSwan before you reconfigured OpenSSL with ECC support? Or
are perhaps the wrong OpenSSL header files used by strongSwan? If so,
you might want to try adding -I/path/to/proper/openssl/headers to the
strongSwan CFLAGS.
Regards,
Tobias
More information about the Users
mailing list