[strongSwan] Need help reviewing a tutorial on smartcards
François Pérou
francois.perou at free.fr
Fri Apr 9 00:00:17 CEST 2010
Dear friends,

I am writing a tutorial on smartcards for strongSwan:
http://www.gooze.eu/howto/using-strongswan-with-smart-cards

I cannot configure roadwarrior Carol with smartcards:
http://www.gooze.eu/howto/using-strongswan-with-smart-cards/configuring-road-warrior-carol

%smartcard is not recognized:

01[DMN] Starting IKEv2 charon daemon (strongSwan 4.3.2)
01[LIB] loading plugin 'sha1'
failed: /usr/lib/ipsec/plugins/libstrongswan-sha1.so: cannot open shared
object file: No such file or directory
01[LIB] loading plugin 'fips-prf'
failed: /usr/lib/ipsec/plugins/libstrongswan-fips-prf.so: cannot open
shared object file: No such file or directory
01[KNL] listening on interfaces:
01[KNL] eth0
01[KNL] wlan0
01[KNL] 192.168.0.7
01[KNL] fe80::21c:26ff:feca:223b
01[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
01[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
01[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
01[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
01[CFG] loading crls from '/etc/ipsec.d/crls'
01[CFG] loading secrets from '/etc/ipsec.secrets'
01[CFG] line 11: the given %smartcard specifier is not supported or
invalid
01[LIB] loading plugin 'sql'
failed: /usr/lib/ipsec/plugins/libstrongswan-sql.so: cannot open shared
object file: No such file or directory
01[LIB] loading plugin 'attr'
failed: /usr/lib/ipsec/plugins/libstrongswan-attr.so: cannot open shared
object file: No such file or directory
01[CFG] no RADUIS secret defined
01[CFG] RADIUS plugin initialization failed
01[LIB] loading plugin 'eapradius' failed: plugin_create() returned NULL
01[CFG] mediation database URI not defined, skipped
01[LIB] loading plugin 'medsrv' failed: plugin_create() returned NULL
01[CFG] mediation client database URI not defined, skipped
01[LIB] loading plugin 'medcli' failed: plugin_create() returned NULL
01[LIB] loading plugin 'nm'
failed: /usr/lib/ipsec/plugins/libstrongswan-nm.so: cannot open shared
object file: No such file or directory
01[LIB] loading plugin 'resolv-conf'
failed: /usr/lib/ipsec/plugins/libstrongswan-resolv-conf.so: cannot open
shared object file: No such file or directory
01[DMN] loaded plugins: curl ldap random x509 pubkey openssl xcbc hmac
agent gmp kernel-netlink stroke updown eapidentity eapmd5 eapgtc eapaka
eapmschapv2
01[JOB] spawning 16 worker threads
05[CFG] received stroke: add connection 'home'
05[CFG] left nor right host is our side, assuming left=local
05[LIB] reading file '/etc/ipsec.d/certs/%smartcard' failed
05[LIB] failed to create a builder for credential type CRED_CERTIFICATE,
subtype (1)
05[CFG] added configuration 'home'
01[DMN] signal of type SIGINT received. Shutting down

pkcs11-tool -L
Available slots:
Slot 4294967295 Virtual hotplug slot
(empty)
Slot 1 Feitian SCR301 01 00
token label: Jean-Michel Pouré (User PIN)
token manuf: EnterSafe
token model: PKCS#15
token flags: rng, login required, PIN initialized, token initialized
serial num : 2998511513171109
Slot 2 Feitian SCR301 01 00
(empty)
Slot 3 Feitian SCR301 01 00
(empty)
Slot 4 Feitian SCR301 01 00
(empty)

pkcs11-tool --slot 1 --list-objects
Public Key Object; RSA 2048 bits
label: Public Key
ID: 7645d913d5b4exxxxxxxxxxxxxxxx02324c23a7ebf4
Usage: none
Certificate Object, type = X.509 cert
label: CAcert WoT User's Root CA ID
ID: 7645d913d5b4xxxxxxxxxxxxxxxx02324c23a7ebf4
Public Key Object; RSA 2048 bits
label: Public Key
ID: 6d0534d04axxxxxxxxxxxxxxxxxx571deec58
Usage: none
Certificate Object, type = X.509 cert
label: StartCom Free Certificate Member's StartCom Ltd. ID
ID: 6d0534d04axxxxxxxxxxxxx7a2e33571deec58

Could you help and review these settings?
What debug information can I provide?

Kind regards,
François
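
An added example, not part of the original post: a triage script for a charon log like the one above. It rejoins mail-wrapped lines, then separates plugin files missing on disk from plugins that failed to initialize, numbered configuration errors, and places where `%smartcard` was read as a file name. The sample input is constructed from lines in the post; the function and key names are assumptions.

```python
import re

# Constructed sample: lines excerpted from the charon log in the post,
# keeping the mail wrapping that splits one log entry over several lines.
SAMPLE_LOG = """\
01[LIB] loading plugin 'sha1'
failed: /usr/lib/ipsec/plugins/libstrongswan-sha1.so: cannot open shared
object file: No such file or directory
01[CFG] loading secrets from '/etc/ipsec.secrets'
01[CFG] line 11: the given %smartcard specifier is not supported or
invalid
01[LIB] loading plugin 'medsrv' failed: plugin_create() returned NULL
01[DMN] loaded plugins: curl ldap random x509 pubkey openssl xcbc hmac
agent gmp kernel-netlink stroke updown eapidentity eapmd5 eapgtc eapaka
eapmschapv2
05[LIB] reading file '/etc/ipsec.d/certs/%smartcard' failed
"""

ENTRY = re.compile(r"^(\d{2})\[([A-Z]{3})\] (.*)$")  # thread id, group, message

def unwrap(text):
    """Rejoin wrapped lines: a line without the NN[GRP] prefix continues the previous entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append([m.group(2), m.group(3)])
        elif entries and line.strip():
            entries[-1][1] += " " + line.strip()
    return [tuple(e) for e in entries]

def triage(text):
    """Sort log entries into buckets so the relevant failures stand out from the noise."""
    report = {"missing_so": [], "init_failed": [], "loaded": [],
              "config_errors": [], "smartcard_as_file": []}
    for group, msg in unwrap(text):
        m = re.match(r"loading plugin '([^']+)' failed: (.*)", msg)
        if group == "LIB" and m:
            key = "missing_so" if "cannot open shared object file" in m.group(2) else "init_failed"
            report[key].append(m.group(1))
        elif group == "DMN" and msg.startswith("loaded plugins:"):
            report["loaded"] = msg.split(":", 1)[1].split()
        elif group == "CFG" and (m := re.match(r"line (\d+): (.*)", msg)):
            report["config_errors"].append((int(m.group(1)), m.group(2)))
        elif group == "LIB" and (m := re.match(r"reading file '([^']*%smartcard[^']*)' failed", msg)):
            report["smartcard_as_file"].append(m.group(1))
    return report
```
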