[strongSwan] [IKE] no private key found for ...

Andreas Steffen andreas.steffen at strongswan.org
Fri Nov 21 17:30:52 CET 2014

Cześć Jacek,

the private key is loaded via an entry in /etc/ipsec.secrets:

 : RSA gwKey.pem  "<optional password>"

and the actual key file must be stored in the /etc/ipsec.d/private/
directory. If your gateway certificate is bundled with the matching
private key in a PKCS#12 file then alternatively you can add the

 : P12 gwCert.p12  "<password>"

in ipsec.secrets.



On 11/21/2014 03:39 PM, Leszczynski, Jacek (NSN - PL/Wroclaw) wrote:
> Hi,
> quick question.
> I try to set up certificate ipsec connection, but I have some issues
> mainly I don’t know how my private key should be set –up on secGw. I am
> getting certificate from an CA server on device and I manually copied
> the same certificate to secGw but phase 2 for ike does not work since I
> do not have private.key in ipsec.secrets file. What should I do?    
> Br
> Jacek

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141121/2fb253a3/attachment.bin>

More information about the Users mailing list