[strongSwan] need help for host2host-cert setup
andreas.steffen at strongswan.org
Wed Mar 24 14:37:29 CET 2010
and look for error messages in the log. It might be that your passphrase
is not correct.
should show your certificate with the comment
.., has private key
On 24.03.2010 14:01, Abbhishek Misra wrote:
> Hello All,
> I'm trying to setup host2host-cert example but very basic steps are
> not going through.
> plm56:~/abhishek # ipsec up host-host
> initiating IKE_SA host-host to 18.104.22.168
> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP) ]
> sending packet: from 22.214.171.124 to 126.96.36.199
> received packet: from 188.8.131.52 to 184.108.40.206
> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP)
> N(MULT_AUTH) ]
> no private key found for 'plm56.in.ibm.com'
> plm56:~/abhishek #
> I have used all conf files as mentioned in the example
> ipsec listcerts is not showing my certificates that i generated using
> this doc http://www.ipsec-howto.org/x595.html
> This is how my secrets file looks
> plm56:~/abhishek # cat /etc/ipsec.secrets
> # /etc/ipsec.secrets - strongSwan IPsec secrets file
> : RSA newkey.pem "abhishek"
> following is my dir listing http://pastebin.com/PZUgn6zQ
> this is my /etc/ssl/openssl.cnf http://pastebin.com/w3v2zymm
> i have gone through
> and verified modulus for newcert.pem and newkey.pem
> Please take a look at these and let me know what more should I do to
> get through.
> Abhishek Misra
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users