[strongSwan] ikev2 smartcard support

Martin Willi martin at strongswan.org
Thu Dec 23 10:36:22 CET 2010

Hi Peter,

> 06[CFG] found key on PKCS#11 token 'openSC':5
> 06[CFG] using smartcard certificate 'winterer at vpn.de'

> 11[IKE] no private key found for 'winterer at vpn.de'

Key and certificate get loaded properly, but the daemon can't find the
key during authentication.

The problem is that the fingerprint doesn't match. I've introduced a bug
with one of the PKCS#11 patches, creating invalid public keys from
smartcard private keys.

The patch at [1] fixes the problem, a new snapshot is available at [2].

Best regards


More information about the Users mailing list