<div dir="ltr">The RDN specifies C=FR, but I don't know if I have to do something more to precise the encoding. Am I supposed to change it at the creation of the x509, of the p12 or after ?<div><br></div><div>Moreover, I noticed that the Common Name is used as an unique identifier for the certificate ? Is it possible to use it for leftid ?</div><div><br></div><div>Regards </div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-05-12 21:15 GMT+02:00 Volker Rümelin <span dir="ltr"><<a href="mailto:vr_strongswan@t-online.de" target="_blank">vr_strongswan@t-online.de</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Jacques,<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
After reading your explanations, I tried :<br>
<br>
1)<br></span>
leftid="C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org, E=<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a> <mailto:<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a>>"<br>
I get : no private key found for 'C=FR, ST=R??gion Parisienne, L=Paris, OU=Org, CN=1.Org, E=<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a> <mailto:<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a>>'<br>
<br>
</blockquote>
<br>
I see ?? as replacement for é in the log output. This suggests your ipsec.conf encoding is UTF-8.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
For example my certificate subjet is :<br></span>
C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org, E=<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a> <mailto:<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a>><span class=""><br>
but when I do ipsec listall I have :<br></span>
C=FR, ST=R?gion Parisienne, L=Paris, OU=Org, CN=1.Org, E=<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a> <mailto:<a href="mailto:jacques.monin01@gmail.com" target="_blank">jacques.monin01@gmail.com</a>><br>
<br>
</blockquote>
<br>
Here you have only one ?. The encoding is definitely not UTF-8. Change the RDN in your certificate to UTF8String and I expect your leftid subject will match.<br>
<br>
Regards,<br>
Volker<br>
</blockquote></div><br></div>