[strongSwan] PKCS#12 and leftid

Volker Rümelin vr_strongswan at t-online.de
Thu May 21 00:25:05 CEST 2015

Hi Jacques,

> However, I would need to be able to use the old certificates I have. Is
> there still any way to use them ?

> Do I have to convert unicode to binary to have something like
> leftid=asn1dn:#0a010110101...
> Moreover the sharp sign seems to be interpreted as commentary in bash,
> how am I suppose to prevent it ?

You have to use quotes.


And you have to specify the DN in DER encoded format.

openssl asn1parse decodes my DN example to
     0:d=0  hl=2 l= 108 cons: SEQUENCE
     2:d=1  hl=2 l=  11 cons:  SET
     4:d=2  hl=2 l=   9 cons:   SEQUENCE
     6:d=3  hl=2 l=   3 prim:    OBJECT            :countryName
    11:d=3  hl=2 l=   2 prim:    PRINTABLESTRING   :DE


More information about the Users mailing list