[strongSwan] charon-nm (5.5.3): building CRED_PRIVATE_KEY - RSA failed, tried 10 builders

Harald Dunkel harald.dunkel at aixigo.de
Mon Jun 5 12:51:08 CEST 2017


Hi folks,

charon-nm seems to reject a key, but its error message doesn't
appear to be very useful:

Jun 05 11:42:13 ppcl001 charon-nm[6609]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 10 builders
Jun 05 11:42:13 ppcl001 charon-nm[6609]: 05[CFG] received initiate for NetworkManager connection IKEv2
Jun 05 11:42:13 ppcl001 charon-nm[6609]: 05[CFG] using CA certificate, gateway identity 'gate.example.com'
Jun 05 11:42:13 ppcl001 charon-nm[6609]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 10 builders

To make it work I could assign another passphrase to the key

	openssl rsa -in oldkey.pem -aes256 -out newkey.pem

The question is, though, why the oldkey.pem didn't work? Was it
encrypted using a deprecated cipher? Bad passphrase?

I have to make sure that the passphrase wasn't corrupted by the
Network Manager integration. What would you suggest?


Regards
Harri


More information about the Users mailing list