[strongSwan] ECDSDA certificates / keys?

Tobias Brunner tobias at strongswan.org
Thu Mar 14 13:41:41 CET 2019


Hi Kostya,

> Does IPSec in general and strongSwan in particular support certificate authentication with ECDSA keys?

Sure.

> -----BEGIN EC PARAMETERS-----
> Bgg.....==
> -----END EC PARAMETERS-----
> -----BEGIN EC PRIVATE KEY-----
> MHcCA.......yDpwQ==
> -----END EC PRIVATE KEY-----

Remove the parameters, the pem plugin only parses the first BEGIN/END
section in a PEM file.

> Is there a "secret" or "trick" to getting ECDSA certificates / keys to work?

You also need the openssl plugin if you don't have that loaded already.

Regards,
Tobias


More information about the Users mailing list