[strongSwan] Query on client authentication using EAP-TLS

Martin Willi martin at strongswan.org
Mon Feb 23 14:06:03 CET 2015

Hi Akash,

> no TLS peer certificate found for '223456789123456 at nai.epc.mnc213.mcc090.3gppnetwork.org', skipping client authentication
> EAP_TLS method failed

As the TLS stack does not find a usable certificate with a private for
your ID, it skips client authentication. Your server most likely
requires that, though, and therefore cancels the TLS handshake.

Check if you have configured the private key for your client certificate
in ipsec.secrets, there is no related error in the startup log and that
"ipsec listcerts" shows "has private key" for your client certificate.


More information about the Users mailing list