Hello All, I have some questions about the supported signature algorithms in strongswan.
As I understand it, strongswan supports RSA and ECDSA with various bitlengths at this time. I also know that I can use the ipsec pki tool to create certificates using one of these algorithms. To create ECDSA-keypair I had to enable the openssl support via "./configure --enable-openssl". Do I have to enable the openssl support only for creating such certificates? (Currently on a Debian host with Strongswan 5.0.1) Or do I also need the openssl support during the key exchange? (On an arm platform with cross compiled StrongSwan 5.0.1, no openssl-lib at this time) How about RSA? There is obviously no need for openssl for building a certificate with rsa keypairs. So there is an implementation in Strongswam itself, right? Thanks, Christian
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
