[strongSwan] v4.4.1 on squeeze w/ ios6: server cert verification fails
Jason
strongswan at lakedaemon.net
Wed Jan 2 04:45:12 CET 2013
All,
I just got strongswan installed on my debian squeeze box this evening.
everything seems to be going smoothly (eg I'm behind a nat that
_actually_ forwards esp packets) until I try to connect. My iphone
gives me "Could not validate the server certificate".
I'm using the IPSec configuration (no l2tp) with my own CA.
So, I've tries a bunch of different flavors of "openssl pkcs12 -export
..." to generate a .p12 of my ca. No matter what I do, I get "The
container "Identity Certificate" must contain only one certificate and
its private key."
Is apple really that daft as to require the CA's _private_ key? No, I'm
probably missing something. Any pointers? I think I reached the end of
both duckduckgo and google...
thx,
Jason.
More information about the Users
mailing list