[strongSwan] PKCS#12 and leftid
Volker Rümelin
vr_strongswan at t-online.de
Tue May 12 21:15:30 CEST 2015
Hi Jacques,
> After reading your explanations, I tried :
>
> 1)
> leftid="C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org,
> E=jacques.monin01 at gmail.com <mailto:jacques.monin01 at gmail.com>"
> I get : no private key found for 'C=FR, ST=R??gion Parisienne,
> L=Paris, OU=Org, CN=1.Org, E=jacques.monin01 at gmail.com
> <mailto:jacques.monin01 at gmail.com>'
>
I see ?? as replacement for é in the log output. This suggests your
ipsec.conf encoding is UTF-8.
> For example my certificate subjet is :
> C=FR, ST=Région Parisienne, L=Paris, OU=Org, CN=1.Org,
> E=jacques.monin01 at gmail.com <mailto:jacques.monin01 at gmail.com>
> but when I do ipsec listall I have :
> C=FR, ST=R?gion Parisienne, L=Paris, OU=Org, CN=1.Org,
> E=jacques.monin01 at gmail.com <mailto:jacques.monin01 at gmail.com>
>
Here you have only one ?. The encoding is definitely not UTF-8. Change
the RDN in your certificate to UTF8String and I expect your leftid
subject will match.
Regards,
Volker
More information about the Users
mailing list