[strongSwan] user certificate could not be found via windows 7 vpn connect
jotpe
jotpe.osm at gmail.com
Fri Aug 22 17:12:12 CEST 2014
To get confident with ipsec, I followed the configuration examples for
estabslishing a secured host to host communication (with x509 pki certs)
between two debian servers. That works fine :)
Now the real job:
I'm trying to configure a debian server talking ipsec to windows 7 clients.
Like in the example before, I create CA und client certs, following this
instructions:
https://wiki.strongswan.org/projects/strongswan/wiki/SimpleCA
Following "B) Authentication using X.509 User Certificates"
https://wiki.strongswan.org/projects/strongswan/wiki/Win7UserConfig
I also inlcuded "--flag serverAuth --flag ikeIntermediate"
an error occurred while clicking on the vpn-connect button:
"A certificate could not be found that can be used with this Extensible
Authentication Protocol. (Error 798)"
I tried several things to solve it, by recreation of the windows client
cert:
- Changing the common name in from "sun" to my actual username. Doesn't
work.
- Merging the pubkey and private key to a single pfx file. The import
dialog sais, "imported correctly into own certs", but is never shown in the
cert manager.
Does anybody know how to create client certs, which Windows 7 accepts?
Best Regards, Johannes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140822/1028cf8b/attachment.html>
More information about the Users
mailing list