On Mon, May 16, 2011 at 11:56:41AM +0100, Mike Bell wrote:
> Thanks Viktor,
>
> I hadn't properly understood the relationship between the certificate
> and the cipher, so I'll look at that now. I think I'm also confusing
> the OpenVPN?& OpenSSL relationship.
>
> OpenVPN does appear to be using TL
m e.g. (AES-128-CBC) with a cipher-suite,
which specifies also the authentication and message digest algorithms.
Generally, OpenSSL ciphersuites are defined for TLS. It is not clear
how these translate to your VPN device.
--
Viktor.
From: Victor Duchovni
To: "openssl-users@openssl.org&qu
On Fri, May 13, 2011 at 06:36:34PM +0100, Mike Bell wrote:
> I had originally put
> cipher AES-128-CBC
> in SERVER.OVPN & CLIENT.OVPN, not OPENSSL.CNF files (it's been a long week!)
I am not familiar with your VPN product, so you'll have to figure out
what configuration options are applicable. I
urity people are insisting on AES and either EC
DSA, DSA or RSA as the signature algorithm, but with a preference for ECDSA.
Thanks
From: Victor Duchovni
To: "openssl-users@openssl.org"
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA
On Fri, May
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138 EF
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
> However I keep getting a "no shared cipher" error.
>
> In my client & server openssl.cnf files I've specified
> cipher AES-128-CBC
This is not an EC cipher, and if you configure an EC cert, but specify
a cipher that is one of the ones
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138 EF:
