<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi, <br>
<br>
I can't get charon to start, does anyone know what's missing or
have a suggestion of what to check?<br>
<br>
<br>
# ipsec restart<br>
Stopping strongSwan IPsec failed: starter is not running<br>
Starting strongSwan 5.1.0 IPsec [starter]...<br>
No leaks detected, 1 suppressed by whitelist<br>
<br>
<br>
syslog:<br>
<br>
Aug 16 21:57:42 host ipsec_starter[4497]: Starting strongSwan 5.1.0
IPsec [starter]...<br>
Aug 16 21:57:42 host charon[4517]: 00[DMN] Starting IKE charon
daemon (strongSwan 5.1.0, Linux 3.9.11, x86_64)<br>
Aug 16 21:57:42 host charon[4517]: 00[LIB] feature CUSTOM:libcharon
in critical plugin 'charon' has unmet dependency: NONCE_GEN<br>
Aug 16 21:57:42 host charon[4517]: 00[CFG] loading ca certificates
from '/etc/ipsec.d/cacerts'<br>
Aug 16 21:57:42 host charon[4517]: 00[CFG] loaded ca certificate
"C=ES, ST=somewhere, L=somewhere, O=Xxx, OU=Xxx, CN=xx1" from
'/etc/ipsec.d/cacerts/strongswanCert.pem'<br>
Aug 16 21:57:43 host charon[4517]: 00[LIB] building CRED_CERTIFICATE
- X509 failed, tried 3 builders<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading ca certificate
from '/etc/ipsec.d/cacerts/strongswanKey.pem' failed<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading aa certificates
from '/etc/ipsec.d/aacerts'<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading ocsp signer
certificates from '/etc/ipsec.d/ocspcerts'<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading attribute
certificates from '/etc/ipsec.d/acerts'<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading crls from
'/etc/ipsec.d/crls'<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading secrets from
'/etc/ipsec.secrets'<br>
Aug 16 21:57:43 host charon[4517]: 00[LIB] building CRED_PRIVATE_KEY
- RSA failed, tried 4 builders<br>
Aug 16 21:57:43 host charon[4517]: 00[CFG] loading private key
from '/etc/ipsec.d/private/moonKey.pem' failed<br>
Aug 16 21:57:43 host charon[4517]: 00[LIB] failed to load 1 critical
plugin feature<br>
Aug 16 21:57:43 host charon[4517]: 00[DMN] initialization failed -
aborting charon<br>
Aug 16 21:57:43 host ipsec_starter[4516]: charon has quit:
initialization failed<br>
Aug 16 21:57:43 host ipsec_starter[4516]: charon refused to be
started<br>
Aug 16 21:57:43 host ipsec_starter[4516]: ipsec starter stopped<br>
<br>
<br>
The configuration files I'm using are:<br>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.strongswan.org/uml/testresults4/ikev2/dhcp-dynamic/index.html">http://www.strongswan.org/uml/testresults4/ikev2/dhcp-dynamic/index.html</a><br>
<br>
I generated the pem files with the examples in the README.<br>
<br>
<br>
I'm using gentoo linux. compile configure ops are:<br>
./configure --prefix=/usr --build=x86_64-pc-linux-gnu
--host=x86_64-pc-linux-gnu --mandir=/usr/share/man
--infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc
--localstatedir=/var/lib --libdir=/usr/lib64 --disable-silent-rules
--disable-dependency-tracking --disable-static --enable-ikev1
--enable-ikev2 --with-capabilities=libcap --enable-curl
--disable-ldap --enable-leak-detective --enable-eap-sim
--enable-eap-sim-file --enable-eap-simaka-sql
--enable-eap-simaka-pseudonym --enable-eap-simaka-reauth
--enable-eap-identity --enable-eap-md5 --enable-eap-aka
--enable-eap-aka-3gpp2 --enable-eap-mschapv2 --enable-eap-radius
--enable-eap-tls --enable-openssl --disable-gcrypt --enable-mysql
--enable-sqlite --enable-dhcp --enable-farp --disable-nm
--with-systemdsystemunitdir=/usr/lib/systemd/system
--enable-attr-sql --enable-sql --enable-eap-gtc<br>
<br>
<br>
<br>
Thanks,<br>
<br>
<br>
Karl<br>
<br>
</body>
</html>