[Openswan Users] DSA keys

Marcus Better marcus at better.se
Wed Mar 30 23:34:18 CEST 2005


what is the state of support for DSA keys in X.509 certificates in 
Openswan (or IPsec)?

*Can I use a DSA certificate for authenticating IPsec gateways?

*Can I use an RSA certificate which is signed by a CA with a DSA 

I tried using a DSA CA certificate and got an error message when the 
certificate was loaded, saying "unsupported public key algorithm".

(I think that even if only RSA keying is supported, it should be 
possible to use an RSA certificate which is itself DSA signed.)



More information about the Users mailing list