[strongSwan] loading private key file is failing with charon, when trying to establish IPsec tunnel with certifiactes.
Paul Theodoropoulos
paul at anastrophe.com
Fri May 31 18:52:38 CEST 2013
First, check file permissions on the path to the Private key. If those
are okay, increase the logging level on strongswan and perhaps it will
offer more helpful details on why it's failing.
On 5/30/13 11:12 PM, bhargav p wrote:
> Hi,
>
> I am trying to establish the IPsec tunnel with certificates with charon.
>
> From the logs the below error is thrown:
>
> L0 - RSAPrivateKey:
> charon: 00[LIB] L1 - version:
> charon: 00[LIB] => 1 bytes @ 0x1200ac406
> charon: 00[LIB] 0: 00 .
> charon: 00[LIB] L1 - modulus: ASN1 tag 0x02 expected, but is 0x30
> charon: 00[LIB] => 15 bytes @ 0x1200ac407
> charon: 00[LIB] 0: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00
> 0...*.H........
> charon: 00[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 5 builders
> charon: 00[CFG] loading private key from
> '/etc/ipsec/certs/ipsec.d//private/defaultPrivateKey.pem' failed
> charon: 00[LIB] plugin 'stroke': loaded successfully
> charon: 00[LIB] plugin 'kernel-netlink': loaded successfully
> charon: 00[DMN] loaded plugins: openssl random pem x509 pubkey pkcs1
> hmac xcbc stroke kernel-netlink
> May 31 13:32:21.117438 info CLA-0 charon: 00[JOB] spawning 16 worker
> threads
> charon: 07[LIB] file content is not binary ASN.1
>
> Can some one help me here.
>
> Using strongswan version:4.5.3
>
>
--
Paul Theodoropoulos
www.anastrophe.com
More information about the Users
mailing list