[Openswan Users] CRLS in 2.1.0
Niki Waibel
niki.waibel at newlogic.com
Mon Mar 22 10:30:38 CET 2004
On 21-Mar-2004 Ken Bantoft wrote:
> On Sat, 20 Mar 2004, Dennis Boylan wrote:
>
>> While trying to debug my new VPN setup, I installed Linux 2.4.25 and
>> OpenSwan 2.1.0 on my Mandrake 10.0 Community release machine. If I follow
>> Nate's guide for X.509 certificates, I install the crls.pem I generated
>> on the main machine. Pluto dies trying to load it. By removing it,
>> pluto is happy and I can create tunnels. There is also an issue in the
>> make install, it does not install _pluto_adns. I had to manually install this
>> to make pluto work without generating an error.
>
> Fixed in CVS, and will be fixed in 2.1.1 when it's released. There's a
> patch on www.openswan.org/code for the _pluto_adns stuff.
>
> The crls.pem file cores seem to be machine specific - very hard to track
> down. If you have a copy of one that crashs pluto, if possible, give me a
> copy so we can test further.
i have the same problem. pluto (openswan-2.1.0rc1) crashes when using a
/etc/ipsec.d/crls/crl.pem file (attached -- hope that's ok).
how can i help to debug this?
i am using linux-2.6.4 with kernel ipsec on a stripped fedora core 1 + updates.
machines:
vendor_id : GenuineIntel
cpu family : 6
model : 8
model name : Pentium III (Coppermine)
stepping : 10
cpu MHz : 996.457
cache size : 256 KB
and
vendor_id : GenuineIntel
cpu family : 6
model : 7
model name : Pentium III (Katmai)
stepping : 3
cpu MHz : 551.332
cache size : 512 KB
compiler: gcc-3.3.3 + binutils-2.15.90.0.1.1
>> The main machine is a fedora core 1 with 2.4.25 and 2.1.0rc1. It does not
>> have the issue with the crls.pem file. It also properly installs _pluto_adns.
niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: crl.pem
Type: application/octet-stream
Size: 1053 bytes
Desc: crl.pem
Url : http://lists.openswan.org/pipermail/users/attachments/20040322/2cac0299/crl.obj
More information about the Users
mailing list