[strongSwan] building CRED_CERTIFICATE - TRUSTED_PUBKEY failed

Marcelo Barbudas nostef at gmail.com
Fri Nov 15 05:18:01 CET 2013


Hi.

I have the following setup:

conn ios
        keyexchange=ikev1
        left=%defaultroute
        leftallowany=yes
        leftfirewall=yes
        leftcert=serverCert.pem
        leftsubnet=192.168.21.0/24
        leftauth=rsa
        right="C=CH, O=strongSwan, CN=client"
        rightid="C=CH, O=strongSwan, CN=client"
        rightcert=clientCert.pem
        rightrsasigkey=clientCert.pem
        rightauth=rsa
        rightauth2=xauth-noauth
        rightsourceip=192.168.22.0/24
        auto=add

When starting strongswan I can see:

Nov 15 04:12:13 ip-10-195-82-145 charon: 09[CFG]   loaded certificate
"C=CH, O=strongSwan, CN=client" from 'clientCert.pem'

Nov 15 04:12:13 ip-10-195-82-145 charon: 09[LIB] building
CRED_CERTIFICATE - TRUSTED_PUBKEY failed, tried 3 builders

Nov 15 04:12:13 ip-10-195-82-145 charon: 09[CFG]   loading public key
for "C=CH, O=strongSwan, CN=client" from 'clientCert.pem' failed

Nov 15 04:12:13 ip-10-195-82-145 charon: 09[LIB] building
CRED_CERTIFICATE - TRUSTED_PUBKEY failed, tried 3 builders

Nov 15 04:12:13 ip-10-195-82-145 charon: 09[CFG]   loading public key
for "%any" from 'clientCert.pem' failed

What am I doing wrong? This is causing down the line an issue where I
get looking for RSA sigs and peer config not found.

-M.




More information about the Users mailing list