Hello, I got RSA 2048-bit certificate StrongSwan to work on an SEAndroid device. However, when I tried it with an AES-256 certificate, I get this error:
I/charon ( 1035): 00[LIB] building CRED_PRIVATE_KEY - ECDSA failed, tried 1 builders I/charon ( 1035): 00[CFG] loading private key from '/system/etc/ipsec.d/private/carolKey.pem' failed I/charon ( 1035): 00[DMN] loaded plugins: openssl fips-prf random pubkey pkcs1 pem xcbc hmac kernel-netlink socket-default android stroke eap-identity eap-mschapv2 eap-md5 The same AES-256 certs and configurations worked fine on an Ubuntu PC platform. Please advise if you had seen this before. Cheers, Below are the configurations: # /etc/ipsec.conf - strongSwan IPsec configuration file config setup crlcheckinterval=180 strictcrlpolicy=no plutostart=no conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev2 ike=aes256-sha384-ecp384,aes128-sha256-ecp256! esp=aes256gcm16,aes128gcm16! conn rw left=192.168.1.140 leftcert=moonCert.pem leftsubnet=10.1.0.0/16 leftfirewall=yes right=%any keyexchange=ikev2 auto=add # /etc/ipsec.secrets - strongSwan IPsec secrets file : ECDSA moonKey.pem
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
