[strongSwan] no private key found with ECDSA certificate

Mark M mark076h at yahoo.com
Wed May 27 04:52:22 CEST 2015


I am trying to use ECDSA certificates with my setup and I keep getting "no private key found" on my strongswan server when a client connects. I am using CentOS 7 and strongSwan 5.2.0. I am using the android client to connect and the certificate authentication works fine on the Android device.
Any ideas on what would cause the private key to not be found or be authenticated correctly?

14[CFG]   using trusted ca certificate "C=US, ST=MA, L=SELF, O=SSCA, OU=SS, CN=192.168.1.7"14[CFG] checking certificate status of "C=US, ST=MA, L=SELF, O=SSCA, OU=SS, CN=phone1ecc"14[CFG] certificate status is not available14[CFG]   reached self-signed root ca with a path length of 014[IKE] authentication of 'C=US, ST=MA, L=SELF, O=SSCA, OU=SS, CN=phone1ecc' with ECDSA-384 signature successful14[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding14[IKE] peer supports MOBIKE14[IKE] no private key found for 'C=US, ST=MA, L=SELF, OU=SSCA'14[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]14[NET] sending packet: from 192.168.1.7[4500] to 70.162.232.57[5477] (88 bytes)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150527/9c1e5f8b/attachment-0001.html>


More information about the Users mailing list