[strongSwan-dev] [StrongSwan]: Not able to install certificate

Thomas Klute thomas2.klute at uni-dortmund.de
Mon Jan 28 08:15:04 CET 2013 

Am 28.01.2013 06:18, schrieb jegathesh malaiyappan:
> Hi,
> 
> I try to install the certificates (private key, Ca certificate). But i am
> getting the following error.
> 
> <snip>
> 
> 2004-01-01T00:21:13.823670+00:00 10 [info]      pluto[12147]:  exception
> caught in cra_rsa_private_key_load invalid argument value, function: could
> not load private key argument: /etc/ipsec.d/private/privkey.crk
> 
> 2004-01-01T00:21:13.824155+00:00 10 [info]      pluto[12147]:  building
> CRED_PRIVATE_KEY - RSA failed, tried 8 builders
> 
> 2004-01-01T00:21:13.824477+00:00 10 [warning]   pluto[12147]:    syntax
> error in private key file

The message is quite clear: There is some sort of syntax error in your
key file. Which format do you use? I advise strongly against posting
your private key on a public mailing list, but maybe you can describe
the process you used to create it (e.g., ipsec pki or openssl commands)?

> 2004-01-01T00:21:13.824641+00:00 10 [warning]   pluto[12147]:
> "/etc/ipsec.secrets" line 2: Private key file -- could not be loaded
> 
> 2004-01-01T00:21:13.825086+00:00 10 [info]      pluto[12147]:    opening
> '/etc/ipsec.d/certs/btsCert.pem' failed: No such file or directory

I'm surprised Strongswan would try to open a non-existing file. Do you
have the path configured somewhere, is it a broken symlink or something
like that?

> 2004-01-01T00:21:13.825481+00:00 10 [info]      pluto[12147]:  building
> CRED_CERTIFICATE - PLUTO_CERT failed, tried 2 builders
> 
> 2004-01-01T00:21:13.825605+00:00 10 [warning]   pluto[12147]:  added
> connection description "conn1"
> 
> 2004-01-01T00:22:00.926828+00:00 10 [notice]    BTS_SW/tmgr:  killall:
> whack: no process killed
> 
> 2004-01-01T00:22:00.938182+00:00 10 [notice]    BTS_SW/tmgr:  killall:
> stroke: no process killed
> 
> 2004-01-01T00:22:00.977373+00:00 10 [info]      charon:  14[IKE] initiating
> IKE_SA conn1[2] to 30.30.30.40
> 
> </snip>
> 
> 
> Anybody have an idea of this issue? Please help me on this.
> 
> 
> Thanks.
> 
> 
> Regards,
> 
> Jegathesh.M
> 
> 
> 
> _______________________________________________
> Dev mailing list
> Dev at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/dev
>

More information about the Dev mailing list