Topic: OpenVPN, Peer to Peer, SSL/TLS enabled with secp521r1 certs won't work
john, on January 27, 2020, 07:34:33 pm:
Hello
Given a `self-signed CA cert` and a `self-signed cert` using `secp521r1` for a `Peer to Peer (SSL/TLS)` with `AES-256-GCM` and `TLS Authentication` enabled, it gives the following error message:
```sh
TLS Error: TLS handshake failed
TLS Error: TLS object -> incoming plaintext read error
TLS_ERROR: BIO read tls_read_plaintext error
OpenSSL: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher
TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive.
```
A `Remote Access (SSL/TLS)` with the same pair of certs with `secp521r1` and `AES-256-GCM` and `TLS Authentication` enabled works.
Maybe someone can help me with this or explain if my combination of `TLS Authentication` and `Encryption algorithm` may not work for EC certs using `secp521r1` and Peer to Peer?