[Openswan Users] certificate with identical subject and issuer not accepted

Janis Daniel Bistevins bistevins at gmail.com
Wed Jan 11 15:22:22 CET 2006


Hi all!

I'm new to the list and vpn related.

I've been following Nate's excellent document and I can proudly say that I
have a working VPN between two linux boxes.
The problem now is with a WINXP roadwarrior machine.
Somehow the tunnel never come up and this is what I see in my logs on the
linux server:

Jan 11 11:07:31 LINUX-SERVER pluto[20419]: "roadwarrior"[2]
xxx.xxx.xxx.xxx#1: Main mode peer ID is ID_DER_ASN1_DN: 'C=AR,
ST=STATE, L=City, O=CAB,
OU=SIC, CN=user, E=user at domain.com'
Jan 11 11:07:31 LINUX-SERVER pluto[20419]: "roadwarrior"[2]
xxx.xxx.xxx.xxx#1: end certificate with identical subject and issuer
not accepted
Jan 11 11:07:31 LINUX-SERVER pluto[20419]: "roadwarrior"[2] xxx.xxx.xxx.xxx#1:
X.509 certificate rejected
Jan 11 11:07:31 LINUX-SERVER pluto[20419]: "roadwarrior"[2]
xxx.xxx.xxx.xxx#1: no RSA public key known for 'C=AR, ST=STATE,
L=City, O=CAB, OU=SIC,
CN=user, E=user at domain.com'
Jan 11 11:07:31 LINUX-SERVER pluto[20419]: "roadwarrior"[2]
xxx.xxx.xxx.xxx#1: sending encrypted notification
INVALID_KEY_INFORMATION to
xxx.xxx.xxx.xxx:500

So, what is this "end certificate with identical subject and issuer not
accepted" ?
I followed the guide, point by point and I can't figure out what is going
on.

Any help will be appreciated.

Thanks in advance.

Best regards.



--
            Janis Bistevins
>Belief is 9/10 of YOUR reality<
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060111/3a6b73e2/attachment.htm


More information about the Users mailing list