After we implemented the signature algorithm extension, the connection succeeds with the test server/client within strongswan. However, if we do the same using the tls-client from strongswan and try to connect to an openssl tls 1.3 server, the connection fails with the following error on the server side:
We sent an RSA with SHA256, but openssl doesn't recognise it as suitable signature algorithm.
However, if we do the same with a strongswan client max version of TLS 1.2, the connection succeeds, using RSA with SHA256.
Aufwandschätzung: soll=2 Stunden
After we implemented the signature algorithm extension, the connection succeeds with the test server/client within strongswan. However, if we do the same using the tls-client from strongswan and try to connect to an openssl tls 1.3 server, the connection fails with the following error on the server side:
We sent an RSA with SHA256, but openssl doesn't recognise it as suitable signature algorithm. However, if we do the same with a strongswan client max version of TLS 1.2, the connection succeeds, using RSA with SHA256.