[Openswan Users] Openswan 2.2 and Safenet Client

Rolf Offermanns roffermanns at sysgo.com
Thu Nov 18 17:58:13 CET 2004


Paul Wouters wrote:
> On Thu, 18 Nov 2004, Rolf Offermanns wrote:
> 
>>> Try removing the @ symbol. It has a special meaning.
>>>
>>> (and mail me back if this indeed solved your problem)
>>>
>> I don't think this is the problem, since it works here.
>> The Email address *must* be contained in the certs. subjectAltName 
>> attribute.
>> Otherwise openswan will not accept it as id.
> 
> 
> As far as I could understand your config, there was no certificates 
> involved
> with proper Subject from the X.509 certificate in the left/rightid= 
> field. You
> were using straight email address syntax as id.
> 
> It also tells you INVALID_ID. The id is just wrong.
> 
It's not my setup, but Alexanders.
He will be able to use straight email address syntax as id, as long as
he puts the email address in the certificates subjectAltName attribute.

Unless I am missunderstanding the problem...

-Rolf

-- 
Rolf Offermanns <roffermanns at sysgo.com>
SYSGO AG     Tel.: +49-6136-9948-0
Am Pfaffenstein 14   Fax: +49-6136-9948-10
55270 Klein-Winternhein  http://www.sysgo.com



More information about the Users mailing list