[strongSwan] No private key found for 'C=CA ...........'
Martin Willi
martin at strongswan.org
Fri Jul 26 09:09:34 CEST 2013
Hi Farid,
> left:
> cp lmu55Key.pem lmu55:/etc/ipsec.d/private/
> cp lmu55Cert.pem lmu55:/ipsec.d/certs/
> cp caCert.pem lmu55:/ipsec.d/cacerts/
>
> right:
> cp lmu55Key.pem lmu55:/etc/ipsec.d/private/
> cp lmu55Cert.pem lmu55:/ipsec.d/certs/
> cp caCert.pem lmu55:/ipsec.d/cacerts/
I assume you have copied lmu56* to the appropriate places as well?
> no RSA private key found for 'C=CA, CN=lmu55'
At a first look the generation of your keys/certs looks good, but for
some reason the daemon can't find the private key for your certificate.
To check if the private key has been loaded, call "ipsec listcerts". It
should list your peer certificate, and if it has a private key for it,
it should state "has private key".
If this is not the case, you should check the log and see if there is
any error during daemon startup. Alternatively, you can invoke the IKE
daemon in the foreground using "ipsec start --nofork".
Regards
Martin
More information about the Users
mailing list