Since 2.4.0, OpenVPN has official support for elliptic curve crypto. Elliptic
curves are an alternative to RSA for asymmetric encryption.

Elliptic curve crypto ('ECC') can be used only for the TLS control channel in
OpenVPN; the data channel (encrypting the actual network traffic) uses
symmetric encryption. ECC can be used in TLS for authentication (ECDSA) and key
exchange (ECDH).

Key exchange (ECDH)
-------------------
OpenVPN 2.4.0 and newer automatically initialize ECDH parameters. When ECDSA is
used for authentication, the curve used for the server certificate will be used
for ECDH too. When autodetection fails (e.g. when using RSA certificates)
OpenVPN lets the crypto library decide if possible, or falls back to the
secp384r1 curve. The list of groups/curves that the crypto library will choose
from can be set with the --tls-groups <grouplist> option.

An administrator can force an OpenVPN/OpenSSL server to use a specific curve
using the --ecdh-curve <curvename> option with one of the curves listed as
available by the --show-groups option. Clients will use the same curve as
selected by the server.

Note that not all curves listed by --show-groups are available for use with TLS;
in that case connecting will fail with a 'no shared cipher' TLS error.

Authentication (ECDSA)
----------------------
Since OpenVPN 2.4.0, using ECDSA certificates works 'out of the box'. Which
specific curves and cipher suites are available depends on your version and
configuration of the crypto library. The crypto library will automatically
select a cipher suite for the TLS control channel.

Support for generating an ECDSA certificate chain is available in EasyRSA (in
spite of its name) since EasyRSA 3.0. The parameters you're looking for are
'--use-algo=ec' and '--curve=<curve_name>'. See the EasyRSA documentation for
more details on generating ECDSA certificates.
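As an added example (not from the OpenVPN README or from EasyRSA's own documentation), the following POSIX shell script ties the two sections together: it checks a chosen curve against sample --show-groups output before it is put in a config, builds an ECDSA chain with the EasyRSA options named above, and prints the server lines that pin --ecdh-curve. The curve secp384r1, the default pki/ layout and the names "server" and "client1" are assumptions.

```shell
#!/bin/sh
# Added example, not part of the OpenVPN README or EasyRSA: build an ECDSA
# certificate chain with EasyRSA 3 and emit the server config lines that pin
# the TLS control channel to one curve. The curve, the default pki/ layout
# and the names "server"/"client1" are assumptions made for this example.
set -u

CURVE="${CURVE:-secp384r1}"

# Constructed sample of `openvpn --show-groups` output, one group per line
# (a real run prints whatever your crypto library offers).
SAMPLE_SHOW_GROUPS='secp384r1
prime256v1
secp521r1
X25519'

# Succeeds when curve $1 appears in group list $2 (exact line match). Catching
# an unlisted or mistyped curve here is cheaper than a 'no shared cipher' error
# at connect time.
group_listed() {
  printf '%s\n' "$2" | grep -qx -- "$1"
}

# EasyRSA 3 steps. --use-algo=ec and --curve=<name> are given on every build
# command so the CA and all issued keys use the same curve.
build_ec_pki() {
  curve="$1"
  easyrsa init-pki
  easyrsa --use-algo=ec --curve="$curve" build-ca nopass
  easyrsa --use-algo=ec --curve="$curve" build-server-full server nopass
  easyrsa --use-algo=ec --curve="$curve" build-client-full client1 nopass
}

# Server config fragment: --ecdh-curve forces the ECDH curve (clients follow the
# server); the ECDSA certificate lets the library pick an ECDSA cipher suite.
server_conf_lines() {
  curve="$1"
  printf 'ecdh-curve %s\n' "$curve"
  printf 'ca pki/ca.crt\n'
  printf 'cert pki/issued/server.crt\n'
  printf 'key pki/private/server.key\n'
}

if ! group_listed "$CURVE" "$SAMPLE_SHOW_GROUPS"; then
  echo "curve $CURVE not in --show-groups output; refusing to configure it" >&2
  exit 1
fi
# Only build the PKI when EasyRSA is installed; the config lines print regardless.
if command -v easyrsa >/dev/null 2>&1; then build_ec_pki "$CURVE"; fi
server_conf_lines "$CURVE"
```

Replace SAMPLE_SHOW_GROUPS with the real output of `openvpn --show-groups` on the server to check the curve you actually intend to use.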