[strongSwan] strongswan ignores ipsec.d/certs/ @start
lejeczek
peljasz at yahoo.co.uk
Thu Oct 31 11:31:50 CET 2019
hi everyone
I'm having problems with certs, strongswan complains about missing keys
and some more..
But I want to ask if this behavior where servers does not load anything
from '/etc/strongswan/ipsec.d/certs' is normal & expected?
It does goes through /etc/strongswan/ipsec.d/cacerts and
/etc/strongswan/ipsec.d/aacerts etc but not that one.
I do have on server this in config:
leftcert="vpn-clusterserver.cert.der"
and then when I make rightid on the roadwarrior to be SDN of that cert,
on the server is see:
08[IKE] no private key found for 'CN=vpn.nrr.tam.private.' (which is the
leftid of the server & rightid of the roadwarrior)
Even though the key file gets loaded @server start.
Not weird?
many thanks, L.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pEpkey.asc
Type: application/pgp-keys
Size: 1757 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20191031/68dbf2d2/attachment.key>
More information about the Users
mailing list