[strongSwan] strongswan client 5.6.2 on linux unable to use ECDSA certs or keys

Ettore Tagarelli tagahect at gmail.com
Fri Apr 22 03:26:50 CEST 2022


I managed to compile and install charon-nm adding --enable-nm.
I also installed nm plugin 1.5.2.
Anyway I'm stuck again. Plugin keeps asking for private key password that I
never used, I tried to flag "password not requested" but it keeps asking
but there's no password. If i leave it blamk or I write something the
connection doesn't happen.
This is the log if I don't provide a password:
___________________
Apr 22 03:18:38 cash NetworkManager[9071]: <info>  [1650590318.4928]
vpn-connection[0x55b001bec110,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: Saw the service appear; activating connection
Apr 22 03:18:38 cash charon-nm: 05[LIB] building CRED_PRIVATE_KEY - ANY
failed, tried 3 builders
Apr 22 03:18:42 cash charon-nm: message repeated 2 times: [ 05[LIB]
building CRED_PRIVATE_KEY - ANY failed, tried 3 builders]
Apr 22 03:18:42 cash NetworkManager[9071]: <error> [1650590322.2344]
vpn-connection[0x55b001bec110,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: final secrets request failed to provide sufficient secrets
Apr 22 03:18:42 cash NetworkManager[9071]: <info>  [1650590322.2421]
vpn-connection[0x55b001bec110,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: VPN plugin: state changed: stopped (6)
_______________________________________

...and this if I give any password:

_______________________________
Apr 22 03:20:10 cash NetworkManager[9071]: <info>  [1650590410.2972]
vpn-connection[0x55b001bec310,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: Saw the service appear; activating connection
Apr 22 03:20:10 cash charon-nm: 05[LIB] building CRED_PRIVATE_KEY - ANY
failed, tried 3 builders
Apr 22 03:20:10 cash charon-nm: 05[LIB] building CRED_PRIVATE_KEY - ANY
failed, tried 3 builders
Apr 22 03:20:16 cash NetworkManager[9071]: <info>  [1650590416.5539]
settings-connection[0x55b001a652e0,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224]:
write: successfully updated (keyfile: update
/etc/NetworkManager/system-connections/Connessione VPN 6
(8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione VPN 6")), connection was
modified in the process
Apr 22 03:20:16 cash charon-nm: 05[LIB] building CRED_PRIVATE_KEY - ANY
failed, tried 3 builders
Apr 22 03:20:16 cash NetworkManager[9071]: <info>  [1650590416.5615]
vpn-connection[0x55b001bec310,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: VPN connection: (ConnectInteractive) reply received
Apr 22 03:20:16 cash charon-nm: 05[CFG] received initiate for
NetworkManager connection Connessione VPN 6
Apr 22 03:20:16 cash charon-nm: 05[LIB] building CRED_CERTIFICATE - X509
failed, tried 3 builders
Apr 22 03:20:16 cash NetworkManager[9071]: <warn>  [1650590416.5631]
vpn-connection[0x55b001bec310,8dffed9c-f63f-47b8-b0eb-7bfe7d2a3224,"Connessione
VPN 6",0]: VPN connection: failed to connect: 'Loading gateway certificate
failed.'
_________________________________________
I read this thread https://wiki.strongswan.org/issues/3428 but it didn't
help me.
please help
Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20220422/ebe1c1fc/attachment.html>


More information about the Users mailing list