[strongSwan] Strongswan 5.5 - no private key found-
rajnohria at gmail.com
Mon Feb 12 19:23:20 CET 2018
Thanks, Based on response i was able to resolve my issue. I was removing
"/" when reading the subject.
On Fri, Feb 9, 2018 at 11:02 AM, Tobias Brunner <tobias at strongswan.org>
> Hi Rajeev,
> > Using DAVICI, I did make sure local.id is "C=US,
> > O=ARRIS Group, Inc., OU=DCA Remote Device Certificate,
> The comma between "Group" and "Inc." in the O RDN lets the identity
> string parser fail and this string will not be treated as ASN.1 DN but
> as opaque key ID, this won't match your private key during the lookup.
> If you want to configure DNs that contain commas you can either use /
> instead of comma to separate the RDNs (the whole string has to start
> with a slash then):
> /C=US/O=ARRIS Group, Inc./OU=DCA Remote Device
> Or you may configure the identity as binary ASN.1 value with the asn1dn:
> prefix (use the pki --dn utility). Also an option is to not configure
> an identity in the local auth config but instead the client certificate,
> then the identity should default to the subject DN of the certificate.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users