[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-users
Subject:    [strongSwan] scepclient and cisco
From:       Germano Veit Michel <germanovmichel () aim ! com>
Date:       2012-03-30 13:42:35
Message-ID: 8CEDC92192E5DB3-D3C-416F () Webmail-d122 ! sysops ! aol ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hello,


I've been trying to get scepclient to work with CISCO (IOS 15) for a week, turned all \
debugging on and still no success.


CISCO fails with "unable to open signed data" when I request a certificate (get ca \
cert works).


This is what I'm doing:



ipsec scepclient --out cert=mycert.der --dn "CN=myname" -k 1024 --url \
http://10.1.1.2/cgi-bin/pkiclient.exe --in cacert-enc=CISCO.der --in \
cacert-sig=CISCO.der


The wiki documentation for scepclient is extremely poor. I could improve it with some \
cisco examples if I get this to work...



Are there any special options/compile options? Opinions on what could be wrong?


Thanks,

Germano Veit Michel
germanovmichel@aim.com


[Attachment #5 (unknown)]

<font color='black' size='2' face='Arial, Helvetica, sans-serif'>Hello,
<div><br>
</div>

<div>I've been trying to get scepclient to work with CISCO (IOS 15) for a week, \
turned all debugging on and still no success.</div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">CISCO fails with "unable to open signed data" \
when I request a certificate (get ca cert works).</span></div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">This is what I'm doing:</span></div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">
<div>ipsec scepclient --out cert=mycert.der --dn<span style="font-size: 10pt; \
">&nbsp;"CN=myname" -k 1024 --url http://10.1.1.2/cgi-bin/pkiclient.exe --in \
cacert-e</span><span style="font-size: 10pt; ">nc=CISCO.der --in \
cacert-sig=CISCO.d</span><span style="font-size: 10pt; ">er</span></div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">The wiki documentation for scepclient is \
extremely poor. I could improve it with some cisco examples if I get this to \
work...</span></div> </span></div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">Are there any special options/compile options? \
Opinions on what could be wrong?</span></div>

<div><span style="font-size: 10pt; "><br>
</span></div>

<div><span style="font-size: 10pt; ">Thanks,</span></div>

<div>
<div style="clear:both">Germano Veit Michel<br>
germanovmichel@aim.com<br>
</div>
</div>
</font>



_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic