[strongSwan] iphone-to-strongswan configuration - working example.

Kamil Jońca kjonca at op.pl
Thu Jun 23 08:06:17 CEST 2022


[...]
> When I manually created p12 (private cert) I always got information
> about wrong password - no matter if embedded or entered manually.
> I created "certificate" profile with "Apple Configurator" and use it in
> my profile. For now I do not know what matters: key order? uppercase?
> payload identifier?

For those (anyone reads me?) , who might be interested (maybe annotation
at  https://docs.strongswan.org/docs/5.9/interop/appleIkev2Profile.html ?)

when I created p12 file with:
--8<---------------cut here---------------start------------->8---
openssl pkcs12 -export  -inkey private/key -in cert -out cert.p12
--8<---------------cut here---------------end--------------->8---
i got message about "Wrong certificate password" during profile install.

It has to be:
--8<---------------cut here---------------start------------->8---
openssl pkcs12 -export -legacy -inkey private/key -in cert -out cert.p12
--8<---------------cut here---------------end--------------->8---
and then profile was installed correctly.

KJ

-- 
http://stopstopnop.pl/stop_stopnop.pl_o_nas.html



More information about the Users mailing list