[Openswan Users] CA Cert Expired!!
Andreas Steffen
andreas.steffen at strongsec.net
Mon Nov 14 17:12:04 CET 2005
Agent Smith wrote:
>
> Thanks for that, I was able to generate a new cacert
> and it does show up as a valid cert now in the 'ipsec
> auto --listcacerts' output. the tunnels are still
> broken with same error message.
Which error message?
> any suggestions?
Windows XP might not accept the fact that the notBefore date of the
re-issued CA cert is later than the notBefore date of the client certs.
I don't know if the "openssl req" command accepts a "-startdate"
parameter.
Regards
Andreas
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Users
mailing list