[strongSwan] Need help reviewing a tutorial on smartcards
François Pérou
francois.perou at free.fr
Fri Apr 9 17:43:37 CEST 2010
On Fri, 2010-04-09 at 15:59 +0100, Dimitrios Siganos wrote:
>
> But the logs are saying that it can't find your private kays. The
> logs
> also suggest that it loads at least one certificate from the
> smartcard.
Sorry, I forgot to publish the ipsec.secrets file:
: PIN %smartcard %prompt
Then I run ipsec secrets to enter PIN.
I would suspect your ipsec.secrets file here. But I don't know how you
> are supposed to tell strongswan which private key to use from the
> smartcard (there could many). It makes sense that it needs to be told
> but how do we do that?
>
I am trying with a new card with only one certificate.
In smartcards, the private key never leaves the card. So I doubt that
strongSwan can ever access the card.
On the converse, strongSwan needs to be able to make crypto operations
from the smartcard using OpenSSL.
Kind regards
More information about the Users
mailing list