[Openswan Users] problem connecting: INVALID_CERTIFICATE
Jacco de Leeuw
jacco2 at dds.nl
Fri Dec 16 23:34:35 CET 2005
aram price wrote:
> ignoring informational payload, type INVALID_CERTIFICATE
> conn l2tp-b-cert
> authby=rsasig
> leftcert=vpnserver.foo.com.pem
If you are using Mac OS X, you also need leftid=@vpnserver.example.com
and the certificate should contain subjectAltName=DNS:vpnserver.example.com
Paul Wouters wrote:
> Are you using certificates on OSX? How did you configure those for X.509?
Perhaps he checked out my webpage:
http://www.jacco2.dds.nl/networking/freeswan-panther.html#Certs
(You'll love that import script! :-)
> I would try Windows first, X.509 on OSX is still very much untested and
> under strange restrains. I hope it will be better when 10.4.4 comes
> out in the next week.
Huh? You got inside information on that? I don't get the impression there
is much going on over there in Cupertino. The upcoming Openswan 2.4.5
on the other hand will be much more important because it contains updated
support for Mac clients.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
Mosquitos suck
More information about the Users
mailing list