[Openswan Users] openswan-2 CVS x509/cert issue? (no RSA public key known)

Dax Kelson dax at gurulabs.com
Fri Apr 23 15:26:34 CEST 2004

On Fri, 2004-04-23 at 13:45, Ken Bantoft wrote:
> Your left/right ID's are wrong.  Should be in the X.509 CN format, not 
> RSASig style.  eg:
> leftid="C=CA, ST=Ontario, L=Toronto, O=Xelerance, OU=North America, CN=Ken Bantoft/emailAddress=ken at xelerance.com"

I switched my leftid's and rightid's to use this syntax as apposed to
the @FQDN on the server and client.

No change, same error.

Apr 23 14:18:18 fw pluto[12030]: "glhq-daxhome"[10] #17: Peer ID is ID_DER_ASN1_DN: 'C=US, ST=Utah, O=Guru Labs, CN=intruder.gurulabs.com'
Apr 23 14:18:18 fw pluto[12030]: "glhq-daxhome"[10] #17: no RSA public key known for 'C=US, ST=Utah, O=Guru Labs, CN=intruder.gurulabs.com'

So, it seems the two syntax are equivalent, which was my understanding
if the certificates were created with subjectAltNames.

More information about the Users mailing list