[Openswan Users] openswan-2 CVS x509/cert issue? (no RSA
public key known)
Dax Kelson
dax at gurulabs.com
Fri Apr 23 15:26:34 CEST 2004
On Fri, 2004-04-23 at 13:45, Ken Bantoft wrote:
> Your left/right ID's are wrong. Should be in the X.509 CN format, not
> RSASig style. eg:
>
> leftid="C=CA, ST=Ontario, L=Toronto, O=Xelerance, OU=North America, CN=Ken Bantoft/emailAddress=ken at xelerance.com"
I switched my leftid's and rightid's to use this syntax as apposed to
the @FQDN on the server and client.
No change, same error.
Apr 23 14:18:18 fw pluto[12030]: "glhq-daxhome"[10] 67.161.218.32 #17: Peer ID is ID_DER_ASN1_DN: 'C=US, ST=Utah, O=Guru Labs, CN=intruder.gurulabs.com'
Apr 23 14:18:18 fw pluto[12030]: "glhq-daxhome"[10] 67.161.218.32 #17: no RSA public key known for 'C=US, ST=Utah, O=Guru Labs, CN=intruder.gurulabs.com'
So, it seems the two syntax are equivalent, which was my understanding
if the certificates were created with subjectAltNames.
More information about the Users
mailing list