[strongSwan] IKE signature scheme RSA_EMSA_PKCS1_SHA1 not acceptable

Jafar Al-Gharaibeh jafar at atcorp.com
Wed Aug 22 16:50:25 CEST 2018


     Did you manage to increase the logging level and get more 
information? That would be helpful in determining what is going on.


On 08/21/2018 01:11 AM, Binarus wrote:
> Jafar,
> thank you very much again.
> On 20.08.2018 23:20, Jafar Al-Gharaibeh wrote:
>> The issue does have something to do with non-matching proposals. It is
>> just that for signature schemes prior to version 5.3  the signature
>> constraints were not enforced. In your configuration you have :
>>     leftauth=rsa-4096-sha512
>>     rightauth=rsa-4096-sha512
>>    That means you expect the certificates at both ends to use use at
>> least 4096 RSA keys  and sha512 for signature schemes. You had the
>> setting all the time but it wasn't being enforced prior to 5.3, but now
>> it is. Instead of fixing it by turning
>> signature_authentication_constraints
>> off, I would generate new certificates with that strength if you want it
>> that strong, or just lower your constraints in left/rightauth to match
>> your existing certs. see left/rightauth at [1].
> Perhaps I have been not clear enough, but I believe that in my previous
> post I have described how I created the certificates when initially
> configuring that VPN. To quote myself (from my previous post):
> "Furthermore, when initially configuring the VPN between me and my
> client (about 2 years ago), I have newly created *all* certificates
> involved from scratch, using RSA 4096 and SHA-512."
> To be sure that I am not making a fool of myself now, I just have
> checked all certificates again (openssl x509 -in <certificate_name>.crt
> -text -noout). I did that check not only with each certificate I have
> installed at my side, but also with the CA certificate and each
> certificate which is installed in the client's device.
> For each certificate, the output of the command mentioned above included
> the following lines (among others, leading spaces removed):
> Signature Algorithm: sha512WithRSAEncryption
> Public-Key: (4096 bit)
> So I think that your statement from your last post from yesterday is
> correct, and that there actually is more to the story. But what?
> Probably it is related to RFC 7427 ...
> Thank you very much,
> Binarus

More information about the Users mailing list