[Openswan Users] OpenS/WAN and Win2K/XP

David Spear dspear at telus.net
Tue Jan 25 15:52:35 CET 2005

> hi users,
> recently i reviewed the x509-patch-docs an so i know where to look for
> the clarificaton:
> from
> http://www.strongsec.com/freeswan/install.txt
> ST           State or province
> S            Surname
> You have a typo in the windos.conf in DN/subjectline of the cert.
> hopefuly it was the whole thing...
> regards
> jz
I fixed the error in ipsec.conf on the Win2K box but, alas, I still
receive the error "no suitable connection for
/C=CA/ST=BC/L=Penticton/O=HMEXC/CN=downstairs" on my openswan box.
Could someone please elaborate as to WHICH cert I should reference with 


in my openswan /etc/ipsec.conf.  I have tried using the same cert I am
using on the windows boxes (downstairs.pem) and my ca cert (cacert.pem).
Neither seems to work.  Or maybe I just have a config error in my
ipsec.conf as well.

Conn roadwarrior
	Leftcert=(what?  CA cert?  Host cert?)

Do I need to generate a cert for my freeswan gateway like I did for the
Windows boxes?  I have read and read and read the how-to's and just
can't seem to make things work.

More information about the Users mailing list