[strongSwan] IKEv1 Pubkey Auth Fails from Windows to Linux
tobias at strongswan.org
Thu Feb 4 11:48:52 CET 2016
>> Certificates used by different hosts seem to use the same subject DN.
>> Are these actually the same certificates/keys?
> Yes. I am using the same end-entity certificate/key on all of my test systems (Red Hat and Windows).
Are you absolutely sure that all certificates with the same subject DN
are actually based on the same public/private key pair? Refer to 
for a similar issue where that was not the case (although, it was IKEv2
and the authentication succeeded there after failed attempts). Anyway,
doing this is definitely not recommended.
> In case it makes a difference, I did test opening a tunnel from Linux
> to Windows, and that is now working properly (with the fix to the
> Windows configuration).
Interesting. How does the output of `ipsec listcerts` look like after
each of these runs?
More information about the Users