[strongSwan-dev] certificate issue
Martin Willi
martin at strongswan.org
Tue Mar 30 13:39:23 CEST 2010
Hi Aaron,
> loading ca certificate from '/usr/local/etc/ipsec.d/cacerts/Aaron-CA.pem' failed
> loading private key from '/usr/local/etc/ipsec.d/private/vpnKey.key' failed
> loaded plugins: aes des sha1 md5 sha2 hmac gmp random pubkey xcbc x509
> stroke eap-mschapv2 eap-identity eap-md5 updown
You are missing the "pem" plugin to decode PEM encoded files, and the
pkcs1 plugin to parse PKCS#1 encoded private/public keys.
If you disabled them during ./configure, you'll have to rebuild
strongSwan with them enabled. Do a "make clean" to rebuild them
properly.
If you have manually specified a plugin list, add the pem and pkcs1
plugins before loading the stroke plugin. We recommend to not set a
plugin load list manually, it is tricky to get it right.
Regards
Martin
More information about the Dev
mailing list