<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Can , someone help me with this ?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Sindhu<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Sindhu S. (sins)
<br>
<b>Sent:</b> Wednesday, October 28, 2015 7:07 PM<br>
<b>To:</b> users@lists.strongswan.org<br>
<b>Subject:</b> Reg : No private key found<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi all,<o:p></o:p></p>
<p class="MsoNormal">I’m getting error as no private key found. <o:p></o:p></p>
<p class="MsoNormal">Private key was loaded successfully. Below are details.<o:p></o:p></p>
<p class="MsoNormal">Please let me know , what is the issue ?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b>Logs:<o:p></o:p></b></p>
<p class="MsoNormal">Oct 28 12:09:57 00[CFG] loaded RSA private key from '/home/ipsec/snbi_new/snbi/snbiFe/bin/./private.pem'<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] received cert request for "N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186"<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] reinitiating already active tasks<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] IKE_CERT_PRE task<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] IKE_AUTH task<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] sending cert request for "CN=snbi"<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[ENC] added payload of type CERTREQ to message<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[ENC] added payload of type NOTIFY to message<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[ENC] added payload of type NOTIFY to message<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[ENC] added payload of type ID_INITIATOR to message<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] no private key found for 'N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186'<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[MGR] checkin and destroy IKE_SA snbi_tun_2[1]<o:p></o:p></p>
<p class="MsoNormal">Oct 28 12:19:09 05[IKE] IKE_SA snbi_tun_2[1] state change: CONNECTING => DESTROYING<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b>ipsec@ipsec2:~/snbi_new/snbi/snbiFe/bin$ sudo ipsec statusall<o:p></o:p></b></p>
<p class="MsoNormal">Status of IKE charon daemon (strongSwan 5.3.3, Linux 3.13.0-24-generic, x86_64):<o:p></o:p></p>
<p class="MsoNormal"> uptime: 8 seconds, since Oct 28 12:09:58 2015<o:p></o:p></p>
<p class="MsoNormal"> malloc: sbrk 1351680, mmap 0, used 248608, free 1103072<o:p></o:p></p>
<p class="MsoNormal"> worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0<o:p></o:p></p>
<p class="MsoNormal"> loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic<o:p></o:p></p>
<p class="MsoNormal">Listening IP addresses:<o:p></o:p></p>
<p class="MsoNormal"> 10.64.69.117<o:p></o:p></p>
<p class="MsoNormal"> 2001:db8:0:f101::1<o:p></o:p></p>
<p class="MsoNormal"> fd08:2eef:c2ee:0:2e19:ba2d:e05f:35<o:p></o:p></p>
<p class="MsoNormal">Connections:<o:p></o:p></p>
<p class="MsoNormal"> snbi_tun_2: fe80::20c:29ff:feb2:ae2f%eth1...fe80::20c:29ff:fea8:e174%eth1 IKEv2<o:p></o:p></p>
<p class="MsoNormal"> snbi_tun_2: local: [N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186] uses public key authentication<o:p></o:p></p>
<p class="MsoNormal"> snbi_tun_2: cert: "N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186"<o:p></o:p></p>
<p class="MsoNormal"> snbi_tun_2: remote: uses public key authentication<o:p></o:p></p>
<p class="MsoNormal"> snbi_tun_2: child: dynamic === dynamic TRANSPORT<o:p></o:p></p>
<p class="MsoNormal">Security Associations (0 up, 0 connecting):<o:p></o:p></p>
<p class="MsoNormal"> none<o:p></o:p></p>
<p class="MsoNormal"><b>ipsec@ipsec2:~/snbi_new/snbi/snbiFe/bin$ sudo ipsec up snbi_tun_2<o:p></o:p></b></p>
<p class="MsoNormal">initiating IKE_SA snbi_tun_2[1] to fe80::20c:29ff:fea8:e174<o:p></o:p></p>
<p class="MsoNormal">generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]<o:p></o:p></p>
<p class="MsoNormal">sending packet: from fe80::20c:29ff:feb2:ae2f[500] to fe80::20c:29ff:fea8:e174[500] (408 bytes)<o:p></o:p></p>
<p class="MsoNormal">received packet: from fe80::20c:29ff:fea8:e174[500] to fe80::20c:29ff:feb2:ae2f[500] (353 bytes)<o:p></o:p></p>
<p class="MsoNormal">parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(MULT_AUTH) ]<o:p></o:p></p>
<p class="MsoNormal">received cert request for "N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186"<o:p></o:p></p>
<p class="MsoNormal">sending cert request for "CN=snbi"<o:p></o:p></p>
<p class="MsoNormal">no private key found for 'N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186'<o:p></o:p></p>
<p class="MsoNormal">establishing connection 'snbi_tun_2' failed<o:p></o:p></p>
<p class="MsoNormal"><b>ipsec@ipsec2:~/snbi_new/snbi/snbiFe/bin$ ip -6 tun show<o:p></o:p></b></p>
<p class="MsoNormal">snbi_tun_3: gre/ipv6 remote fe80::20c:29ff:fea8:e16a local fe80::20c:29ff:feb2:ae25 dev eth0 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)<o:p></o:p></p>
<p class="MsoNormal">ip6gre0: gre/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)<o:p></o:p></p>
<p class="MsoNormal">ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)<o:p></o:p></p>
<p class="MsoNormal">snbi_tun_1: gre/ipv6 remote fe80::20c:29ff:fe6f:6c61 local fe80::20c:29ff:feb2:ae25 dev eth0 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)<o:p></o:p></p>
<p class="MsoNormal">snbi_tun_2: gre/ipv6 remote fe80::20c:29ff:fea8:e174 local fe80::20c:29ff:feb2:ae2f dev eth1 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b>ipsec@ipsec2:~/snbi_new/snbi/snbiFe/bin$ sudo ipsec listcerts
<o:p></o:p></b></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">List of X.509 End Entity Certificates:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> subject: "N=2e19.ba2d.e05f-53, CN=2e19.ba2d.e05f-53, OU=cisco.com, SN=LINUX:PID:SN:960966186"<o:p></o:p></p>
<p class="MsoNormal"> issuer: "CN=snbi"<o:p></o:p></p>
<p class="MsoNormal"> serial: 01:50:ad:1c:60:4f<o:p></o:p></p>
<p class="MsoNormal"> validity: not before Oct 28 11:52:09 2015, ok<o:p></o:p></p>
<p class="MsoNormal"> not after Oct 28 11:52:09 2018, ok <o:p></o:p></p>
<p class="MsoNormal"> pubkey: RSA 1024 bits<o:p></o:p></p>
<p class="MsoNormal"> keyid: d5:77:cb:02:9d:84:05:d0:7d:00:1f:c1:6b:f2:35:76:c9:37:f3:c6<o:p></o:p></p>
<p class="MsoNormal"> subjkey: cd:15:7e:9c:33:58:cd:49:f9:ff:89:b4:0a:28:61:a3:d0:a3:45:75<o:p></o:p></p>
<p class="MsoNormal">ipsec@ipsec2:~/snbi_new/snbi/snbiFe/bin$<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal">Sindhu<o:p></o:p></p>
</div>
</body>
</html>