[strongSwan] PKCS#12 and leftid
Jacques Monin
jacques.monin01 at gmail.com
Thu May 21 17:31:17 CEST 2015
Thanks to your method I succeded in using keyid prefix (authentification
was succesfull) but I didn't manage to do the same with asn1dn prefix.
If you have any reference (website, paper) talking about this, I would be
glad to read them.
So I successed in creating a DER format file but I don't know wich part of
the "openssl asn1dn ..." I'm supposed to specify in
leftid="asn1dn:#xxxxxx". I dont know what is supposed to replace xxxxx.
Thanks for your help
2015-05-21 0:25 GMT+02:00 Volker Rümelin <vr_strongswan at t-online.de>:
> Hi Jacques,
>
> However, I would need to be able to use the old certificates I have. Is
>> there still any way to use them ?
>>
>>
> Do I have to convert unicode to binary to have something like
>> leftid=asn1dn:#0a010110101...
>>
>> Moreover the sharp sign seems to be interpreted as commentary in bash,
>> how am I suppose to prevent it ?
>>
>
> You have to use quotes.
>
> leftid="asn1dn:#306c310b3009060355040613024445...
>
> And you have to specify the DN in DER encoded format.
>
> openssl asn1parse decodes my DN example to
> 0:d=0 hl=2 l= 108 cons: SEQUENCE
> 2:d=1 hl=2 l= 11 cons: SET
> 4:d=2 hl=2 l= 9 cons: SEQUENCE
> 6:d=3 hl=2 l= 3 prim: OBJECT :countryName
> 11:d=3 hl=2 l= 2 prim: PRINTABLESTRING :DE
> 15:...
>
> Regards,
> Volker
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150521/b6de417e/attachment.html>
More information about the Users
mailing list