[Openswan Users] Site to Site using X.509
Paul Wouters
paul at xelerance.com
Thu Sep 29 19:54:55 CEST 2005
On Thu, 29 Sep 2005, Mervyn Yeo wrote:
> And the logs on the right(Shukaku) shows,
> Sep 29 17:35:21 shukaku pluto[4197]: "u2s" #1: Main mode peer ID is
> ID_DER_ASN1_DN: 'C=AU, ST=Some-State, O=Internet Widgits Pty Ltd,
> CN=uzumaki.com'
> Sep 29 17:35:21 shukaku pluto[4197]: "u2s" #1: issuer cacert not found
> Sep 29 17:35:21 shukaku pluto[4197]: "u2s" #1: X.509 certificate rejected
> Sep 29 17:35:21 shukaku pluto[4197]: "u2s" #1: no suitable connection for
> peer 'C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=uzumaki.com'
You did not install the public key of the CA on Shukaku in /etc/ipsec.d/cacerts/
Paul
More information about the Users
mailing list