[strongSwan] Cert question

Andreas Steffen andreas.steffen at strongswan.org
Thu Feb 24 17:57:19 CET 2011

On 02/24/2011 05:44 PM, Gary Smith wrote:
> I think I almost have my first ptp connection setup. It seems to be
> getting hung up on the certs at this point. I had what I though was a
> working cert, but apparently it didn't have the private key in it. I
> thought I had exported the private key as well. I re-exported the key
> with cert chain, but that didn't help.
> I think I'm a little confused as to where the keys need to go. Do I
> need to export the cert (without key) and dump it into
> /etc/ipsec.d/certs and export the key separately and dump it into
> /etc/ipsec.d/private?
Yes, this is correct!

> Anyway, I'm using tinyca to manage the certs. I'm just missing what
> options I need to make this happen.
> Gary Smith



Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list