Hi, > 1) List of loaded plugins without the openssl for the failed test case.
> 00[LIB] key integrity tests failed > 00[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 6 builders > When openssl plugin was enabled, we created a patch file as workaround > to bypass the RSA_check_key. If I understand correctly, you had to patch the openssl plugin to get it working with your key, and an unpatched gmp plugin is unable to load the key, right? > it is safe for to bypass the integrity check in gmp plugin as another > workaround? I don't think so. These checks are there for good reason and check the sanity (and safety) of the RSA key. You can add some debug statements to [1] to see why exactly the key is considered invalid. I don't recommend to remove the check, but instead track down why the check fails and why your key is invalid (and potentially unsafe). Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c;hb=HEAD#l525 _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
