[strongSwan] strongswan pki command error

anand rao anandrao_me at yahoo.co.in
Fri Nov 11 13:13:08 CET 2011 

Hi Andreas,

   Please find the caKey.der attached. It was unreadable using cat command.

Regards
Anand



----- Original Message -----
From: Andreas Steffen <andreas.steffen at strongswan.org>
To: anand rao <anandrao_me at yahoo.co.in>
Cc: "users at lists.strongswan.org" <users at lists.strongswan.org>
Sent: Friday, November 11, 2011 5:39 PM
Subject: Re: [strongSwan] strongswan pki command error

Could you send me that private key file?

Regards

Andreas

On 11/11/2011 12:00 PM, anand rao wrote:
> Hi Andreas,
> 
> when I execute openssl rsa -inform der -in caKey.der -noout -text
> I am getting below errors.
> 
> 
> root at OpenWrt:/# openssl rsa -inform der -in caKey.der -noout -text
> unable to load Private Key
> 8193:error:0D094065:lib(13):func(148):reason(101):NA:0:
> 8193:error:0D0680A8:lib(13):func(104):reason(168):NA:0:
> 8193:error:0D07803A:lib(13):func(120):reason(58):NA:0:Type=RSA
> 8193:error:0D09A00D:lib(13):func(154):reason(13):NA:0:
> 
> 
> BR's
> Anand
> 
> 
> ----- Original Message -----
> From: Andreas Steffen <andreas.steffen at strongswan.org>
> To: anand rao <anandrao_me at yahoo.co.in>
> Cc: "users at lists.strongswan.org" <users at lists.strongswan.org>
> Sent: Thursday, November 10, 2011 7:28 PM
> Subject: Re: [strongSwan] strongswan pki command error
> 
> Hi Anand,
> 
> If I execute the same commands then the ca cert generation works.
> 
> - Verify if openssl rsa -inform der -in caKey.der -noout -text works
> 
> Regards
> 
> Andreas
> 
> On 10.11.2011 14:49, anand rao wrote:
>> Hi,
>>
>>    I am using strongswan 4.3.6
>>
>> I have tried generate certificates using strongswan PKI gen tool to generate RSA certificate.
>> I am getting below errors.
>>
>> root at evm1gw:/etc/cert# ipsec pki --gen>  caKey.der
>> root at evm1gw:/etc/cert#
>> root at evm1gw:/etc/cert# ipsec pki --self --in caKey.der --dn "C=IN,O=strongSwan, CN=strongSwan CA" --ca>  caCert.der
>> file coded in unknown format, discarded
>> building CRED_PRIVATE_KEY - RSA failed, tried 6 builders
>> parsing private key failed
>>
>> I have used the default load so all the plugins are loaded. Please help.
>>
>> Thanks,
>> Anand

======================================================================
Andreas Steffen                        andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: caKey.der
Type: application/x-x509-ca-cert
Size: 1473 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20111111/671545c5/attachment.crt>

More information about the Users mailing list