openvpn connect doesn't support ECDHE or ECDSA

Post Reply
yunkpoon2
OpenVpn Newbie
Posts: 4
Joined: Sun Aug 10, 2014 7:29 am

openvpn connect doesn't support ECDHE or ECDSA

Post by yunkpoon2 » Sat Sep 23, 2017 10:48 am

HI all,
I have just setup my own openvpn server in ubuntu with ECDHE or ECDSA. I have verified my setting and formed a working connection via tunnelblick. However I can't use the same config file in iOS client. Does anyone have idea on the apps development process? Suppose I really want to use this setting, what kind of apps client/ system setting i can use?

Thanks

yunkpoon2
OpenVpn Newbie
Posts: 4
Joined: Sun Aug 10, 2014 7:29 am

Re: openvpn connect doesn't support ECDHE or ECDSA

Post by yunkpoon2 » Sat Sep 30, 2017 5:51 am

Does anyone use ECDSA to connect Openvpn server successfully?
May I ask your configuration if any🙇🏻

jcoffman
OpenVpn Newbie
Posts: 1
Joined: Thu Oct 26, 2017 12:51 pm

Re: openvpn connect doesn't support ECDHE or ECDSA

Post by jcoffman » Thu Oct 26, 2017 12:54 pm

I can confirm this issue. I've set up two entire key sets (CA, server, clients) using both the prime256v1 and secp384r1 curves (one full set for each curve, no mixed sets), and while I can connect using either set from macOS and Windows clients, iOS reports "no shared cipher" every time. The iOS client appears to lack support for elliptic curve-based key agreement (ECDHE).

Post Reply