[Openswan Users] no RSA public key known for 'C=..., O=...,
CN=...'
Graham Leggett
minfrin at sharp.fm
Mon Jun 28 14:36:24 CEST 2004
Tuomo Soini wrote:
> Exactly what it does say. It can't match any connection entry with your
> RSA public key because you had wrong id string.
Does DNS play a role in all of this?
The certificate's CN is rachel.wired.co.za, but the name
rachel.wired.co.za resolves in the DNS to an address on the network
behind the roadwarrior (in fact, an address accessible via the VPN)
instead of the IP address of the roadwarrior itself (which is dynamic).
There are no messages from freeswan to indicate that it is doing a DNS
lookup, or that DNS names matter, but one needs to be certain.
Regards,
Graham
--
More information about the Users
mailing list