[strongSwan] Private key not found

Shane W shane-strongswan at csy.ca
Tue Jun 22 11:29:38 CEST 2010


Hey all,

I have done some archive searching on this one and previous
issues have either been with ipsec.secrets providing the
right password or key not matching cert issues. However, I
have checked these things and am still getting this
message.

Jun 22 02:10:32 li01 charon: 14[IKE] no private key found
for 'C=CA, ST=British Columbia, O=Continuum Systems,
CN=li01.csy.ca'

And yet, an ipsec listcerts shows that the cert has the
private key the first time round but in the endpoint list,
it doesn't. Why is the key being listed twice here?

li01:~# ipsec listcerts
000
000 List of X.509 End Certificates:
000
000 Jun 22 02:20:59 2010, count: 1
000        subject:  'C=CA, ST=British Columbia, O=Continuum Systems, CN=li01.csy.ca'
000        issuer:   'C=CA, ST=British Columbia, L=Vancouver, O=Continuum Systems, CN=li01 CA'
000        serial:    02
000        validity:  not before Jun 22 02:08:43 2010 ok
000                   not after  Jun 19 02:08:43 2020 ok
000        pubkey:    RSA 2048 bits, has private key
000        keyid:     09:c2:ed:6b:83:fc:99:1d:dc:ba:8d:68:9c:dc:4d:bd:68:a7:ab:4b
000        subjkey:   32:83:42:5c:1a:d7:96:42:e7:73:45:dc:d7:b4:7c:02:f3:8f:41:6c
000        authkey:   0d:33:d4:3b:fd:a8:40:03:88:ad:65:ba:dd:f6:57:50:72:b5:90:f2

List of X.509 End Entity Certificates:

  subject:  "C=CA, ST=British Columbia, O=Continuum Systems, CN=li01.csy.ca"
  issuer:   "C=CA, ST=British Columbia, L=Vancouver, O=Continuum Systems, CN=li01 CA"
  serial:    02
  validity:  not before Jun 22 02:08:43 2010, ok
             not after  Jun 19 02:08:43 2020, ok
  pubkey:    RSA 2048 bits
  keyid:     09:c2:ed:6b:83:fc:99:1d:dc:ba:8d:68:9c:dc:4d:bd:68:a7:ab:4b
  subjkey:   32:83:42:5c:1a:d7:96:42:e7:73:45:dc:d7:b4:7c:02:f3:8f:41:6c
  authkey:   0d:33:d4:3b:fd:a8:40:03:88:ad:65:ba:dd:f6:57:50:72:b5:90:f2

Any help greatly appreciated,
Shane




More information about the Users mailing list