[strongSwan] need help for host2host-cert setup

Andreas Steffen andreas.steffen at strongswan.org
Wed Mar 24 14:37:29 CET 2010 

Execute

   ipsec rereadsecrets

and look for error messages in the log. It might be that your passphrase
is not correct.

   ipsec listcerts

should show your certificate with the comment

   .., has private key

Best regards

Andreas

On 24.03.2010 14:01, Abbhishek Misra wrote:
>   Hello All,
>
>   I'm trying to setup  host2host-cert example but very basic steps are
>   not going through.
>
>
>   plm56:~/abhishek # ipsec up host-host
>   initiating IKE_SA host-host[1] to 9.182.176.61
>   generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP) ]
>   sending packet: from 9.182.176.56[500] to 9.182.176.61[500]
>   received packet: from 9.182.176.61[500] to 9.182.176.56[500]
>   parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) (NATD_D_IP)
>   N(MULT_AUTH) ]
>   no private key found for 'plm56.in.ibm.com'
>   plm56:~/abhishek #
>
>
>   I have used all conf files as mentioned in the example
>
>   ipsec listcerts is not showing my certificates that i generated using
>   this doc http://www.ipsec-howto.org/x595.html
>
>   This is how my secrets file looks
>
>          plm56:~/abhishek # cat /etc/ipsec.secrets
>          # /etc/ipsec.secrets - strongSwan IPsec secrets file
>          : RSA newkey.pem "abhishek"
>
>
>   following is my dir listing                  http://pastebin.com/PZUgn6zQ
>
>   this is my /etc/ssl/openssl.cnf          http://pastebin.com/w3v2zymm
>
>   i have gone through
>   https://lists.strongswan.org/pipermail/users/2009-August/003771.html
>   and verified modulus for newcert.pem and newkey.pem
>
>   Please take a look at these and let me know what more should I do to
>   get through.
>
>
>   regards
>   Abhishek Misra

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

More information about the Users mailing list