[Openswan Users] Strange Problem with X509 certificates
lists at itcserra.net
Sun Dec 12 20:24:38 CET 2004
by following the excellent document written by Nate Carlson i set up my
certification authority; i then have generated and signed the host
certificate and the client certificate.
In the first Firewall everything works fine and now i can create new
certificates, revoke someone and Windows roadwarriors connects, by using
SafeNet High Assurance remote Windows Client.
I then setup a second gateway, the procedure was the same. The strange thing
is that i cannot connect: i export the .DER of the CA and import it on the
Client, i export the PKCS12 certificate and import in the client but the
connection gives me, server side, an "INVALID ID NOTIFICATION". It seems
that the Linux IPSEC Gateway does not like the ID that the client sends.
The configuration is the same of the first machine.
Where can i look?
Thank you, regards.
More information about the Users