[strongSwan] ikev2 smartcard support
Martin Willi
martin at strongswan.org
Thu Dec 23 10:36:22 CET 2010
Hi Peter,
> 06[CFG] found key on PKCS#11 token 'openSC':5
> 06[CFG] using smartcard certificate 'winterer at vpn.de'
> 11[IKE] no private key found for 'winterer at vpn.de'
Key and certificate get loaded properly, but the daemon can't find the
key during authentication.
The problem is that the fingerprint doesn't match. I've introduced a bug
with one of the PKCS#11 patches, creating invalid public keys from
smartcard private keys.
The patch at [1] fixes the problem, a new snapshot is available at [2].
Best regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=33bfdf6f3782e2f0d6d9da5d15144a425be4b618
[2]http://download.strongswan.org/snapshots/strongswan-4.5.0-233-g33bfdf6.tar.bz2
More information about the Users
mailing list