[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: [Openswan Users] Problem: no RSA pulic key know for -Problem on CentOS 5
From: fatcharly () gmx ! de
Date: 2016-01-28 10:26:14
Message-ID: trinity-661e7541-3f55-4488-9400-1095501fdcec-1453976774472 () 3capp-gmx-bs49
[Download RAW message or body]
Hi,
we are using a openswan-2.6.32-9/CentOS 5 for quite a few years with out any \
problems. But after a change on our x509-based VPN-connection (all others are PSK, \
system got compiled without the support for fipschek and nssdb) we ran into a \
problem. We send our VPN-Partner a new csr and he sent us back the certificate and \
the ca-file. But whenever we try to connect to our partner-side, we recieve die \
following error:
#1047: no RSA public key known for '@customer-tunnel-2015.customer-xxx.de'
this is our configuration:
conn customer
left=62.xxx.xxx.xxx
leftsubnet=192.168.170.0/24
leftnexthop=62.xxx.xxx.xxx
leftid="C=DE, ST=Town, L=Land, O=Organisation, OU=Organisastion, CN=vpn \
hostname" leftrsasigkey=%cert
leftcert=hostname-cert_2016.pem
right=82.xxx.xxx.xxx
rightsubnet=192.168.180.0/24
rightnexthop=82.xxx.xxx.xxx
rightid=@customer-tunnel-2015.customer-xxx.de
rightrsasigkey=%cert
authby=rsasig
auto=start
type=tunnel
ikelifetime=28800s
keylife=28800s
ike=3des-md5-modp1536
esp=3des-md5
pfs=yes
If I understand this errormsg right, then there is a problem with the cacert which we \
use to verify the remote station ?
Any suggestions are welcome
Kind regards
fatcharly
_______________________________________________
Users@lists.openswan.org
https://lists.openswan.org/mailman/listinfo/users
Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic