Hi, Env: strongswan 4.6.4, openssl with fips 2.0 module with ECC Problem: Configured strongswan with option --enable-openssl. Before that I built also openssl to use fips module, anyway after installation it is seen as a second openssl in RHEL system. Anyway the generated ECC private keys are not recognized by strongswan. Message in charon logs seen:
"building CRED_PRIVATE_KEY - ECDSA failed, tried 2 builders" Seems for me like it uses a wrong openssl as this file with ec keys are not recognized. Could anyone give me some hint what could be a problem? I also tried with RSA and everything worked fine. Would be that openssl plugin is not correctly configured in strongswan? Anyway didn't find any useful configuration for this plugin. Regards, Albert
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
