[Openswan Users] openswan-2 cvs x509 troubles
Dax Kelson
dax at gurulabs.com
Mon Apr 26 18:28:54 CEST 2004
On Mon, 2004-04-26 at 00:35, Michael Richardson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> >>>>> "Ken" == Ken Bantoft <ken at xelerance.com> writes:
> Ken> Update to latest CVS... mcr commited a slew of changes for
> Ken> X.509 policies tonight. They will probably fix this...
>
> >> Further debugging of my "no RSA public key known" problem.
>
> Latest CVS can say:
>
> leftcertsend={never,ifasked,always}
Hmmmphphhh. I just pulled CVS and tried.
# /etc/init.d/ipsec start
ipsec_setup: Starting Openswan IPsec Ucvs2004Mar28_22:20:06/K2.4.21-9.0.1.EL...
ipsec_setup: auto=manual search: (/etc/ipsec.conf, line 28) unknown parameter name "leftcertsend"
ipsec_setup: unable to determine what conns to manual --up; none done
This the server side:
conn %default
left=66.62.77.2
leftnexthop=66.62.77.1
leftid="C=US, ST=Utah, O=Guru Labs, CN=fw.gurulabs.com"
leftcert=fw.gurulabs.com-hostCert.pem
leftcertsend=always <---- line 28
leftrsasigkey=%cert
rightrsasigkey=%cert
authby=rsasig
compress=no
keyingtries=0
auto=add
More information about the Users
mailing list