I think I found a Bug...
In my acl/pub.xml i wrote:
<channel>
<type>mod_ssl</type>
<protocol>ssl</protocol>
<source>.*</source>
<asymmetric_cipher>.*</asymmetric_cipher>
<asymmetric_keylength>0</asymmetric_keylength>
<symmetric_cipher>.*</symmetric_cipher>
<symmetric_keylength>128</symmetric_keylength>
</channel>My Mozilla tells me, Im using AES 256 bit but OpenCA complains
Error Aborting connection - you are using a too short symmetric keylength (). General Error. 6251043.
I think I am right than 256 is larger than 128 :) Every value not 0 for "symmetric_keylength" will cause this error.
Bug or am I wrong with the meaning of the param ??
Oliver
-- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
