[strongSwan] Need help reviewing a tutorial on smartcards
francois.perou at free.fr
Fri Apr 9 17:43:37 CEST 2010
On Fri, 2010-04-09 at 15:59 +0100, Dimitrios Siganos wrote:
> But the logs are saying that it can't find your private kays. The
> also suggest that it loads at least one certificate from the
Sorry, I forgot to publish the ipsec.secrets file:
: PIN %smartcard %prompt
Then I run ipsec secrets to enter PIN.
I would suspect your ipsec.secrets file here. But I don't know how you
> are supposed to tell strongswan which private key to use from the
> smartcard (there could many). It makes sense that it needs to be told
> but how do we do that?
I am trying with a new card with only one certificate.
In smartcards, the private key never leaves the card. So I doubt that
strongSwan can ever access the card.
On the converse, strongSwan needs to be able to make crypto operations
from the smartcard using OpenSSL.
More information about the Users