Page 1 of 1
elliptic curve certificates
Posted: Thu Jan 22, 2015 4:56 pm
by eak
I would like to switch from RSA certificates to Elliptic Curve (EC) certificates. Can someone confirm or refute whether OpenVPN Connect iOS support a Certificate Authority (CA) that uses openssl secp521r1 certificate generation? If the EC CAs are supported, are EC client certificates?
Re: elliptic curve certificates
Posted: Fri Jan 23, 2015 9:38 am
by orngefish
As far as I can tell ECC is not supported natively with the current official release of openvpn (2.3.6) I think it is set to be released with 2.4.0. I think the ECC code has already been added to the github codebase though so I do believe it is possible to compile openvpn with ECC support on your own but i have not tried it.
But I am unaware if ECC is supported by IOS connect itself.
https://github.com/OpenVPN/openvpn/blob ... /README.ec
I also am interested in switching my servers to ECC.
Re: elliptic curve certificates
Posted: Fri Feb 27, 2015 8:33 pm
by Apokrif
Me 3!
BTW:
OpenVPN 2.3.2 -- released on 2013.06.03
OpenVPN 2.3.6 -- released on 2014.12.01
If my calculation correct, OpenVPN 2.4.0 will be released around 2016.06.01
