IKEv2 VPN does not support EC certificates
| Originator: | neilalexanderr | ||
| Number: | rdar://29821257 | Date Originated: | 28/12/2016 |
| Status: | Open | Resolved: | |
| Product: | macOS, iOS | Product Version: | |
| Classification: | Serious | Reproducible: | Always |
Summary: IKEv2 certificate-based VPN always fails when using ECDSA elliptic curve certificates. Switching to RSA certificates solves the issue. Steps to Reproduce: Use ECDSA certificates when creating an IKEv2 connection to Strongswan or similar. Expected Results: The VPN connection should succeed, like it does with RSA certificates. Actual Results: The VPN connection fails. The remote side reports a failure to establish a proposal. Version: macOS 10.12.2 iOS 10.2 Notes: Configuration: Occurs always.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!