[strongSwan] scepclient and EC pubkey support
Markus P. Beckhaus
markus at beckhaus.com
Wed Jun 13 11:49:29 CEST 2018
Hi,
I am trying to use ipsec_scepclient against a 2-tiered AD CS with ECDSA setup but this fails with the following error message:
EC public key encryption not implemented
encrypting symmetric key failed
Obviosly this tells me exactly, why it isn’t working, but on the other side we have strongswan running VPN tunnels on the same box with ECDSA certificates from abovementioned CA, so basically ECDSA modules are present and loaded.
So I am asking myself, if the scepclient does not utilize the same module architecture as the charon deamon.
My question is, if scepclient definitely does not support EC or if I can tweak my configuration in any way to add EC support to scepclient.
Best Regards
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180613/451b3c7e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2006 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180613/451b3c7e/attachment.bin>
More information about the Users
mailing list