[strongSwan] strongswan aikgen errors
Avesh Agarwal
avesh.ncsu at gmail.com
Tue Jan 20 17:19:53 CET 2015
On Tue, Jan 20, 2015 at 10:37 AM, Avesh Agarwal <avesh.ncsu at gmail.com>
wrote:
> Hi,
>
> I just want to enable openssl plugin for all cryptographic needs. I have
> following plugins enabled/disabled:
>
> --enable-openssl \
> --disable-aes \
> --disable-des \
> --disable-md5 \
> --disable-rc2 \
> --disable-sha1 \
> --disable-sha2 \
> --disable-fips-prf \
> --disable-gmp \
> --disable-pubkey \
> --disable-pkcs1 \
> --disable-pkcs7 \
> --disable-pkcs8 \
> --disable-pkcs12 \
> --disable-dnskey \
> --disable-sshkey \
> --enable-sqlite \
> --enable-tnc-ifmap \
> --enable-tnc-pdp \
> --enable-imc-test \
> --enable-imv-test \
> --enable-imc-scanner \
> --enable-imv-scanner \
> --enable-imc-attestation \
> --enable-imv-attestation \
> --enable-imv-os \
> --enable-imc-os \
> --enable-imc-swid \
> --enable-imv-swid \
> --enable-tnccs-20 \
> --enable-tnccs-11 \
> --enable-tnccs-dynamic \
> --enable-tnc-imc \
> --enable-tnc-imv \
> --enable-curl \
> --enable-acert \
> --enable-aikgen
>
> However I observe following errors when using aikgen:
>
> strongswan pki --gen --type rsa --size 2048 > aikCaKey.der
>
> strongswan pki --pub --in aikCaKey.der > aikCaPub.der
>
> strongswan pki --self --in aikCaKey.der --dn "C=CH, O=test Project,
> CN=test Privacy CA" --lifetime 3650 --ca --digest sha256 > aikCaCert.der
>
> strongswan aikgen --capubkey aikCaPub.der --aikblob aikBlob.bin
> --aikpubkey aikPub.der building CRED_CERTIFICATE - TRUSTED_PUBKEY failed,
> tried 0 builders
> error: could not read ca public key file 'aikCaPub.der'
>
I noticed that I had to enable pubkey, and pkcs1/7/8/12 plugins too to make
it work and then there is no error.
>
> Thanks and Regards
> Avesh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150120/26112d03/attachment.html>
More information about the Users
mailing list