Thanks for the reply. That is interesting. I'm using OpenSSL 0.9.8n that I had to build from source. This gives me something to try as well.
Thanks! Bill ________________________________ From: Tobias Brunner <[email protected]> To: [email protected] Sent: Fri, December 3, 2010 10:19:46 AM Subject: Re: [strongSwan] Fail on loading secrets (ECDSA) Hi Bill, I just tried to recreate the crash with the certificate and key you provided, but I wasn't able to. Using strongSwan 4.5.0 and OpenSSL 0.9.8o, it worked flawlessly: Output of ipsec listcerts: subject: "C=US, ST=NC, O=CO, CN=KAP8" issuer: "C=US, ST=NC, O=CO, CN=KAP8" serial: 00:c8:89:b5:5e:e1:01:2e:43 validity: not before Nov 30 21:20:58 2010, ok not after Dec 30 21:20:58 2010, ok (expires in 27 days) pubkey: ECDSA 384 bits, has private key keyid: 85:c1:33:e6:5f:47:be:78:1a:eb:f4:37:c9:dd:92:00:22:91:a2:a9 subjkey: 53:9e:25:03:bc:a4:fa:1b:26:f0:55:c0:dd:0b:6b:14:30:34:8f:2f authkey: 53:9e:25:03:bc:a4:fa:1b:26:f0:55:c0:dd:0b:6b:14:30:34:8f:2f It might be a problem with your version of OpenSSL. To debug charon with gdb, you can try to start it with "ipsec start --attach-gdb". Regards, Tobias On 12/03/2010 03:30 PM, William Greene wrote: > > I'm pretty much at a dead end on how to proceed further. Does anyone > have ideas or suggestions to debug the charon daemon when it is in a > restart loop when using ECDSA public and private keys? > > Thanks in advance for any help and/or suggestions to proceed, > Bill _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
