Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Missing support for ECDSA certs

    IPsec
    1
    1
    581
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Caligatio
      last edited by

      I'm currently using strongSwan between two NATed Linux servers for a Site-to-Site VPN configured with ECDSA certificates without any issues.  I wanted to try to convert one of the site's VPN termination to be pfSense but unfortunately it appears that pfSense doesn't support ECDSA certs.

      Considering I'm using ECDSA certs for the Web GUI and v2.2 switched to using strongSwan, is this a limitation only in the script that writes out the actual IPSec file?  Unfortunately I don't know of a way to replace the : RSA line in the ipsec.secrets and restart the IPSec daemon without also causing the file to be replaced.

      Thanks for any help!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post